Snort mailing list archives
Re: syslog facility
From: Rich Adamson <radamson () routers com>
Date: Thu, 14 Jul 2005 09:24:44 -0600
Sorry for the RTFM question, but I have not found the answer yet, and when I google it I get 14 different responses :P when I use the -s option to log to syslog what facility does that log to.
Look in your snort.conf and read the section relating to output alert_syslog: host=127.0.0.1, LOG_AUTH LOG_ALERT Those last two parameters are the facility and priority used. They apply to Win32 and linux implementations. ------------------------------------------------------- This SF.Net email is sponsored by the 'Do More With Dual!' webinar happening July 14 at 8am PDT/11am EDT. We invite you to explore the latest in dual core and dual graphics technology at this free one hour event hosted by HP, AMD, and NVIDIA. To register visit http://www.hp.com/go/dualwebinar _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- syslog facility Chris Stankaitis (Jul 14)
- Re: syslog facility Rich Adamson (Jul 14)
- Re: syslog facility Joel Esler (Jul 14)
- Re: syslog facility Joel Esler (Jul 14)