Snort mailing list archives

Re: Using Snort with Kiwi Syslog


From: "Michael Steele" <michaels () winsnort com>
Date: Wed, 25 Apr 2012 18:55:02 -0400

Have you tried:

 

http://www.kiwisyslog.com/index.php?option=com_kb&page=articles&articleid=123&Itemid=244

 

Kindest regards,

Michael...

 

WINSNORT.com Management Team Member

--

****************** Established ~ 2001 *******************
*          Visit Us @ http://www.winsnort.com          *
*      ~~ FREE WinIDS Snort installation guides ~~      *
*               ~~ FREE support forums ~~               *
* Snort: Open Source Network IDS - http://www.snort.org *
*********************************************************

 

From: Jonn Callahan [mailto:jonn.callahan () gmail com] 
Sent: Wednesday, April 25, 2012 5:46 PM
To: snort-users () lists sourceforge net
Subject: [Snort-users] Using Snort with Kiwi Syslog

 

So I'm at a complete loss at this point. I've set up Snort using Kasey's guide
and got it to work successfully. I also set up Kiwi and am able to receive
alerts using the SyslogGen they provide from both a remote and the local
machine. However, I can't seem to get Snort to send its message to Kiwi.
Currently, I'm running Snort using


C:\Snort\bin\snort -i1 -s -c C:\Snort\etc\snort.conf -l C:\Snort\log

 

I have also appropriately modified my snort.conf file according to Kasey's
guide including:

# syslog

output alert_syslog: host=127.0.0.1:514, LOG_AUTH LOG_ALERT

 

Anyone have any insight into what the issue might be? I'm currently running
both Snort and Kiwi on the same Win7 Pro x86 VM.

 

-Jonn
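
One way to check whether the `output alert_syslog` line above actually puts datagrams on 127.0.0.1:514, as an added example that is not part of the original thread: a stand-in UDP listener that decodes the syslog PRI field, which for LOG_AUTH LOG_ALERT should be 33. It assumes Kiwi is stopped so the port is free and that Snort sends RFC 3164-style UDP messages; all function names are hypothetical.

```python
import re
import socket

# Standard syslog codes (RFC 3164) for the names that appear in snort.conf.
FACILITY = {"LOG_USER": 1, "LOG_DAEMON": 3, "LOG_AUTH": 4, "LOG_LOCAL0": 16}
SEVERITY = {"LOG_EMERG": 0, "LOG_ALERT": 1, "LOG_CRIT": 2, "LOG_ERR": 3,
            "LOG_WARNING": 4, "LOG_NOTICE": 5, "LOG_INFO": 6, "LOG_DEBUG": 7}
PRI_RE = re.compile(rb"^<(\d{1,3})>(.*)$", re.DOTALL)

def expected_pri(facility, severity):
    """PRI a collector should see: facility * 8 + severity."""
    return FACILITY[facility] * 8 + SEVERITY[severity]

def decode(datagram):
    """Return (facility, severity, text), or None if there is no valid <PRI>."""
    m = PRI_RE.match(datagram)
    if m is None or int(m.group(1)) > 191:
        return None
    fac, sev = divmod(int(m.group(1)), 8)
    return fac, sev, m.group(2).decode("utf-8", "replace").rstrip()

def open_listener(host="127.0.0.1", port=514):
    """Bind the UDP address the collector normally owns (assumes Kiwi is stopped)."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.bind((host, port))
    return sock

def receive_one(sock, timeout=30.0):
    """Return (source_address, decoded) for one datagram, or None on timeout."""
    sock.settimeout(timeout)
    try:
        data, addr = sock.recvfrom(4096)
    except socket.timeout:
        return None
    return addr, decode(data)

if __name__ == "__main__":
    want = expected_pri("LOG_AUTH", "LOG_ALERT")  # 4 * 8 + 1
    with open_listener() as s:
        got = receive_one(s)
    if got is None:
        print("no datagram reached 127.0.0.1:514 before the timeout")
    elif got[1] is None:
        print("datagram from %s:%d carries no syslog <PRI>" % got[0])
    else:
        fac, sev, text = got[1]
        print("PRI <%d>, expected <%d>: %s" % (fac * 8 + sev, want, text))
```

Trigger a rule while the listener waits; if nothing arrives here, the problem is on the Snort side rather than in the collector.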
