Snort mailing list archives
Send snort alerts via syslog to ArcSight
From: Pablo Atiaga <pablo.atiaga () e-govsolutions net>
Date: Thu, 27 Sep 2012 15:36:00 -0500
Hi everyone. I need to send snort alert to ArcSight via syslog, i found a configuration just changing one line in the snort.conf but it doesn't work. I already try sending events with other application and with barnyard and work, but i need to send from snort directly because that's the only way to send all the parameters correctly. I'm using snort 2.9.3.1. Thanks for any help that you could provide me,. Regards. -- Pablo Alberto Atiaga Galeas IT Security Specialist EGOVERMENT SOLUTIONS S.A. +593-93343553 +593-92709534 skype: pablo_ati_g ------------------------------------------------------------------------------ Everyone hates slow websites. So do we. Make your web apps faster with AppDynamics Download AppDynamics Lite for free today: http://ad.doubleclick.net/clk;258768047;13503038;j? http://info.appdynamics.com/FreeJavaPerformanceDownload.html _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Send snort alerts via syslog to ArcSight Pablo Atiaga (Sep 27)
- Re: Send snort alerts via syslog to ArcSight beenph (Sep 27)