AW: (Snort-users) Alerting thru printer

[<sandro.poppi () wacker com>]

Hi Alex,

I think there is no direct output module for that but you can use swatch if
snort is configured to log to syslog/file. With swatch you can call any
script/program when a given string is found in the log (this works on
linux/*nix). You only have to gather the required information from the log files
within the script.

You might take a look at
http://www.lug-burghausen.org/projects/index.html#snort-stat where I described a
sample swatch config which can be adjusted to meet your needs.

HTH

So long,
Sandro


> -----Ursprüngliche Nachricht-----
> Von: "Alex Pinheiro Machado Rodrigues" <alex () bsbnet com> at internet
> Gesendet: Montag, 26. November 2001 01:59
> An: "Snort Users" <snort-users () lists sourceforge net> at Internet
> Betreff: [Snort-users] Alerting thru printer
>
>
> Hi
> How I can configure my snort to send alerts, printing the
> alert+payload thru
> lpt1? Is this possible. My idea is to minimize false
> positives and print
> automaticaly all dangerous using my old matrix printer. I use
> a "hear only"
> snort box.
> Thanks!
> Alex
> Brazil
>
>
>
> _______________________________________________
> Snort-users mailing list
> Snort-users () lists sourceforge net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users


_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users