Snort mailing list archives
help with snort output to syslog - solaris
From: David Lundy <dlundy () PACIFIC EDU>
Date: Thu, 21 Jul 2011 20:10:37 +0000
I have been unsuccessful in getting snort to output to syslog. I am trying to log locally on syslog with a view to sending syslog to a SIEM on another machine.

Operating System: Solaris 10 8/07 SPARC
Snort version: 2.9.0.5

Launching snort with the command, although I have tried other variations:

    /usr/local/bin/snort -A full -s -i nxge0 -u snort -g snort -c /usr/local/etc/snort/snort.conf -l /var/log/snort

Relevant lines from snort.conf:

    # syslog
    output alert_syslog: LOG_LOCAL5 LOG_ALERT

Relevant lines from syslog.conf:

    # Local logs for thor
    local5.info /var/log/snortlog

I have verified that syslog does log local5 messages using logger.

Snort seems to be working except for syslog logging.

Would appreciate help.

David Lundy

------------------------------------------------
David Lundy
Assistant IT Security Officer
University of the Pacific
Stockton, CA 95211
Email: dlundy () pacific edu
Voice: 209-946-3951
Fax: 209-946-2898