Snort mailing list archives
Re: Syslog output other file
From: Matt Kettler <mkettler () evi-inc com>
Date: Fri, 19 Apr 2002 18:46:17 -0400
The syslog will output via syslog, i.e. the system log daemon, not direct file I/O.
As an application, snort has no direct control over where syslog puts the data; that's up to the configuration of the syslogd. Most systems configure the syslog to log *.info to /var/log/messages.
If you want to use syslog and specify where things go, edit your /etc/syslog.conf or whatever file is appropriate for the syslogd you are using.
If you don't really want to use the system logger, try output log_tcpdump (fast binary logging) or output log_unified and output alert_unified.
Note: unless you understand how syslog works, I'd recommend not using it with snort.
At 04:12 PM 4/19/2002 -0300, Carlos Augusto Silva wrote:
Hello people,
I need to configure snort to output syslog to another file. I am using:
output alert_syslog: <facility> <priority> /directory/file
What is the correct syntax for the command?
Thanks for all,
Carlos
Brazil
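The reply above says that syslogd's configuration, not Snort, decides which file receives an alert. The following is an added example (not part of the original messages and not Snort or syslogd code) that models classic syslog.conf selector matching to show where a message lands. It assumes Snort is configured with `output alert_syslog: LOG_LOCAL1 LOG_ALERT`; both sample configurations and the /var/log/snort/alert.log path are constructed.

```python
# Added example: a simplified model of how syslogd picks destinations from
# syslog.conf. Handles facility.priority selectors, "*", "none", comma lists
# and ";" chains; the "=" / "!" modifiers and name aliases are not handled.
PRIORITIES = ["debug", "info", "notice", "warning", "err", "crit", "alert", "emerg"]

# Constructed sample: a typical default that sends *.info to /var/log/messages.
# "\t" is written out because older syslogd versions require a tab here.
DEFAULT_CONF = """\
*.info;mail.none;authpriv.none\t/var/log/messages
authpriv.*\t/var/log/secure
"""

# Constructed sample: local1 gets its own file (path is an assumption) and is
# kept out of /var/log/messages with local1.none.
SPLIT_CONF = """\
*.info;mail.none;authpriv.none;local1.none\t/var/log/messages
authpriv.*\t/var/log/secure
local1.*\t/var/log/snort/alert.log
"""

def destinations(conf_text, facility, priority):
    """Return the actions (files) that would receive a facility.priority message."""
    hits = []
    for line in conf_text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        selectors, action = line.split(None, 1)
        selected = False
        for sel in selectors.split(";"):
            facs, _, level = sel.rpartition(".")
            names = facs.split(",")
            if "*" not in names and facility not in names:
                continue          # selector is about other facilities
            if level == "none":
                selected = False  # explicit exclusion of this facility
            elif level == "*" or PRIORITIES.index(priority) >= PRIORITIES.index(level):
                selected = True   # priority is at or above the selector's level
        if selected:
            hits.append(action.strip())
    return hits

if __name__ == "__main__":
    # Snort side, assuming: output alert_syslog: LOG_LOCAL1 LOG_ALERT
    for name, conf in (("default", DEFAULT_CONF), ("split", SPLIT_CONF)):
        print(name, destinations(conf, "local1", "alert"))
```

After editing the real /etc/syslog.conf, syslogd has to reread it (typically on SIGHUP) before the new routing takes effect.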