Snort mailing list archives
Re: snort syslog output support
From: "Randal T. Rioux" <randy () procyonlabs com>
Date: Fri, 14 Sep 2012 02:22:39 -0400
On 5/30/2012 8:33 AM, James Lay wrote:
On May 30, 2012, at 5:51 AM, Kungu Panda wrote:I need to send snort syslog alerts to out central syslog system. I thought I read in a previous posting that snort syslog output was going away. Is this still true, has it happened? What would be the best way to perform this? Any recommendations/ideas would be helpful. Thanks! KPandaI certainly hope not….having IDS go to syslog is a PCI requirement (Section 10 of PCI DSS 2.0). Not having this would be bad.
Hey kids. I'm back. Catching up on email lists - I'm up to May. Been a little... distracted. Is the language verbatim that "syslog" must send the alerts, or that they just need to be collected and stored? For example, Ci$co uses SDEE, but I've never seen that fail a PCI audit. I'd look it up myself, but my dog just farted on me and I need to get away fast. Randy ------------------------------------------------------------------------------ Got visibility? Most devs has no idea what their production app looks like. Find out how fast your code is with AppDynamics Lite. http://ad.doubleclick.net/clk;262219671;13503038;y? http://info.appdynamics.com/FreeJavaPerformanceDownload.html _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Re: snort syslog output support Randal T. Rioux (Sep 13)
- Re: snort syslog output support James Lay (Sep 14)