Snort mailing list archives
RE: How to send alerts automaticly by mail
From: "Semerjian, Ohanes" <Semerjian.Ohanes () wcom com au>
Date: Tue, 20 Aug 2002 08:00:12 +0800
I guess that is one possibility but Roman is using Mysql for logging (which is better) rather than syslog. I run 8 snort sensors and log also to Mysql the best way is to write a sql query to extract the alerts u want to be e-mailed and place then into a file then e-mail it from that box. If ur knowledge in sql not that great (neither do I )get someone that have good experience with mysql to write a query for u but u need to explain to them what u want. I've e-mail alerts get sent to me automatically from all of the 8 sensors that I'm running. Best Regards Ohanes Semerjian PGP kEY 6604 2A46 E64F BEBF A4B7 9D01 9E08 399C 9D45 3254 -----Original Message----- From: Matt Kettler [mailto:mkettler () evi-inc com] Sent: Saturday, 17 August 2002 8:41 To: Roman Anger; snort-users () lists sourceforge net Subject: Re: [Snort-users] How to send alerts automaticly by mail The snort FAQ addresses this directly. http://www.snort.org/docs/faq.html#5.7 5.7 --faq-- --snort-- --faq-- --snort-- --faq-- --snort-- --faq-- Q: How do I get snort to e-mail me alerts? A: Log to syslog and use swatch or logcheck. At 02:02 PM 8/16/2002 +0200, Roman Anger wrote:
Hi all, I´m a newby to snort. How can I send automaticly a email to a Admin when a special event occurs? I´m using snort with mysql and acid. Thanx in advance ----------------------------------------- Network4You Gesellschaft für Computernetze und Internetanwendungen mbH
Albert-Rosshaupter-Str. 33-35 81369 München Roman Anger Systemadministrator, Heterogene Netze TEL: +49 (89) 741206-48 r.anger () network4you de www.network4you.de ----------------------------------------- ------------------------------------------------------- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r___________________________________________
____
Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list
------------------------------------------------------- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users ------------------------------------------------------- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Re: How to send alerts automaticly by mail Matt Kettler (Aug 16)
- <Possible follow-ups>
- How to send alerts automaticly by mail Roman Anger (Aug 17)
- Re: How to send alerts automaticly by mail hackerwacker (Aug 16)
- Snort does not handle alert file being turned over. SW (Aug 18)
- RE: How to send alerts automaticly by mail Semerjian, Ohanes (Aug 19)