Snort mailing list archives
Re: Alert in syslog file
From: James Riden <j.riden () massey ac nz>
Date: Fri, 15 Oct 2004 16:01:36 +1300
"Raffael Maio" <Vador () urbanet ch> writes:
Hi, I see that all my alerts are sending to the syslog system. Is is obligatory??!? How can I remove that option ?! Because the syslog file becomes very bigger when there is lot of alert !!!
I find the syslog file useful for grepping through, etc. - you can always set something like logwatch, or a shell script up to roll the file over every day, e.g. alert - today, current alert.1 - yesterday's 'alert' alert.2 - day before, etc. cheers, Jamie -- James Riden / j.riden () massey ac nz / Systems Security Engineer Information Technology Services, Massey University, NZ. GPG public key available at: http://www.massey.ac.nz/~jriden/ ------------------------------------------------------- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Alert in syslog file Raffael Maio (Oct 14)
- Re: Alert in syslog file James Riden (Oct 14)
- Re: Alert in syslog file prabu (Oct 14)
- RE: Alert in syslog file Raffael Maio (Oct 15)
- Re: Alert in syslog file Jose Maria Lopez (Oct 16)