Snort mailing list archives
RE: Re: email alerting in acid
From: "Ronneil Camara" <ronneilc () remingtonltd com>
Date: Thu, 6 Dec 2001 12:02:26 -0600
-----Original Message----- From: Phil Lyons [mailto:plyons () hotmail com] Sent: Thursday, December 06, 2001 10:02 AM To: snort-users () lists sourceforge net Cc: arvind () controlnet co in Subject: [Snort-users] Re: Snort-users digest, Vol 1 #1379 - 15 msgs Hi, You can also use swatch to do realtime email alerts as well. see: http://www.enteract.com/~lspitz/swatch.html for setup examples &
link to download site.
HTH,
Since I'm using ACID, what I really wanted was something that can email me when the snortbox sees a suspicuous or real attack. Can swatch do this? Or are there other programs that does realtime checking of snort logs and mails us? What exactly is a good idea to set this up? Should I store the traffic to the snort db and /var/log/snort in snort.conf? Thanks again. Neil _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- RE: Re: email alerting in acid Ronneil Camara (Dec 06)
- <Possible follow-ups>
- RE: Re: email alerting in acid Phil Lyons (Dec 06)