Re: [HOW-TO] Logging Snort alerts to Syslog and Splunk

[Chris Green <greencm () gmail com>]

> On Oct 5, 2013, at 3:08 PM, "praveen_recker ." <praveen_recker () sify com> wrote:
>
> Hi,
>
> Many people has queries related to forwarding Snort alerts to syslog and Splunk servers, below paper gives steps to 
> do the same

If this is your goal and you don't absolutely need syslog for something else, let me recommend doing fast alert files 
and tailing with the Splunk forwarders instead.

Doing the syslog step just adds a complication and doesn't let your Splunk deployment load balance itself automatically.
------------------------------------------------------------------------------
October Webinars: Code for Performance
Free Intel webinars can help you accelerate application performance.
Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from 
the latest Intel processors and coprocessors. See abstracts and register >
http://pubads.g.doubleclick.net/gampad/clk?id=60134791&iu=/4140/ostg.clktrk
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!