Snort mailing list archives

Re: Logging to both the Alert Log file and a SYSLOG Server


From: Erek Adams <erek () snort org>
Date: Thu, 27 Feb 2003 18:14:58 -0500 (EST)

On Thu, 27 Feb 2003, Chris Christianson wrote:

> I've been running Snort on a W2K box and I'm having some trouble logging to
> both the Alerts Log and a SYSLOG Server simultaneously. I can either do
> one or the other, not both.
>
> Can somebody out there help me out?

Yep.

Check the archives, as this has been discussed at length.

Short answer, configure the .conf to log to the alerts file, and then use
the -s parameter.  You'll need to either compile your own from source, or
grab one of the binaries from:

        http://www.codecraftconsultants.com/snort.asp

Either get 1.9.0 build 229 or 2.0 Beta build 52.  That should have your
problem fixed.

Cheers!

-----
Erek Adams

   "When things get weird, the weird turn pro."   H.S. Thompson

