Snort mailing list archives
Re: logging to syslog
From: JJC <cummingsj () gmail com>
Date: Wed, 19 Sep 2012 10:25:48 -0600
Try using barnyard2 On Wed, Sep 19, 2012 at 9:51 AM, Benjamin Lincoln <BLincoln () bannerbank com>wrote:
I’ve been having problems with the newest version of snort 2.9.3.1 not sending syslog information to our server.**** I’ve configured snort to install using the command snort –c c:\snort\etc\snort.conf –l c:\snort\log –i1 –K ascii –s and set the syslog server’s IP address in the snort.conf file. I’ve create a test rule to alert on any IP traffic, and can see the logs generate in the log folder, but it doesn’t send to the remote syslog server. I’ve also tested sending the syslogs to kiwi on the local snort server and that works fine. This was working with an older version of snort. Is there any changes in the new version of snort that needs to be configured to send to syslog?**** ** ** Benjamin Lincoln IT Security Analyst Support**** Banner Bank**** Internal Ext. 53274**** (509)524-5931**** ** ** ** ** ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- logging to syslog Benjamin Lincoln (Sep 19)
- Re: logging to syslog JJC (Sep 19)
- Re: logging to syslog Michael Steele (Sep 19)
- Re: logging to syslog Benjamin Lincoln (Sep 19)