Issues with remote syslog and snort.conf

[James Lay <jlay () slave-tothe-box net>]

> From the docs:


2.6.1.3 Example
    output alert_syslog: host=10.1.1.1:514, <facility> <priority>
<options>

I have not been successful in getting this to work with either:

output alert_syslog: host=192.168.1.1:514, LOG_AUTH LOG_ALERT
output alert_syslog: LOG_AUTH LOG_ALERT host=192.168.1.253:514

both get me:
WARNING: snort.conf (171) => Unrecognized syslog facility/priority:
host=192.168.1.1:514

Is there something I'm missing to get this to go?  I know barnyard can
do this, but I'm not wanting to go down that path yet.  Thank you.

James



------------------------------------------------------------------------------
Want fast and easy access to all the code in your enterprise? Index and
search up to 200,000 lines of code with a free copy of Black Duck
Code Sight - the same software that powers the world's largest code
search on Ohloh, the Black Duck Open Hub! Try it now.
http://p.sf.net/sfu/bds

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!