Nmap Development mailing list archives

Re: Syslog Inquiry


From: Lee Heath <madhat () gmail com>
Date: Wed, 30 Jun 2010 11:16:15 -0500

On Wed, Jun 30, 2010 at 10:59 AM, Roberto Yatco
<mystery_man19882000 () yahoo com> wrote:
Good day! I would like to ask help from you in using nmap. Here's the situation. I am trying to use these options:

nmap -T4 -A -oS OS 127.0.0.1

I want that OS file (or its contents) to automatically be sent to UDP port 514 (Syslog) of our Syslog Server for it to be logged. How can I achieve this? We're doing this for our thesis right now. I hope you can help us.


Cheap and easy:
nmap -T4 -A -oS OS 127.0.0.1 | logger -t nmap


Example
$ sudo nmap -T4 -A -oS OS 127.0.0.1 | logger -t nmap
$ sudo tail /var/log/messages
Jun 30 11:16:18 cheshire nmap: |_html-title: Test Page for the Apache HTTP Server on Fedora
Jun 30 11:16:18 cheshire nmap: 631/tcp open  ipp     CUPS 1.4
Jun 30 11:16:18 cheshire nmap: Device type: general purpose
Jun 30 11:16:18 cheshire nmap: Running: Linux 2.6.X
Jun 30 11:16:18 cheshire nmap: OS details: Linux 2.6.19 - 2.6.31
Jun 30 11:16:18 cheshire nmap: Network Distance: 0 hops
Jun 30 11:16:18 cheshire nmap: Service Info: OS: Unix
Jun 30 11:16:18 cheshire nmap:
Jun 30 11:16:18 cheshire nmap: OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Jun 30 11:16:18 cheshire nmap: Nmap done: 1 IP address (1 host up) scanned in 9.05 seconds




-- 
Lee Heath (madhat () gmail com)
"The true man wants two things: danger and play.
 For that reason he wants woman, as the most dangerous plaything."
                          - Friedrich Nietzsche
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
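
What arrives on UDP port 514 when report lines are forwarded to a remote syslog server, as an added example that is not part of the original post: Python code that wraps each line in a BSD syslog (RFC 3164) datagram at the user.notice priority that logger uses by default. The host name `scanner`, the sample lines and the 127.0.0.1 server address are assumptions made for the example.

```python
import socket
from datetime import datetime

MONTHS = "Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec".split()
MAX_LEN = 1024  # RFC 3164 limit on the total packet size


def rfc3164_packet(line, tag="nmap", host="scanner", when=None,
                   facility=1, severity=5):
    """Build one BSD syslog datagram; the default priority is user.notice (13)."""
    when = when or datetime.now()
    # RFC 3164 timestamp: day of month is space-padded, no year.
    stamp = f"{MONTHS[when.month - 1]} {when.day:2d} {when:%H:%M:%S}"
    pri = facility * 8 + severity
    # Service banners in a scan report are remote-controlled text: replace
    # control characters so one report line cannot forge extra log records.
    clean = "".join(c if c.isprintable() else " " for c in line.rstrip("\r\n"))
    packet = f"<{pri}>{stamp} {host} {tag}: {clean}".encode("utf-8", "replace")
    return packet[:MAX_LEN]


def send_report(lines, server, port=514, **kw):
    """Send each non-empty report line as its own UDP datagram; return the count."""
    sent = 0
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        for line in lines:
            if not line.strip():
                continue  # skip blank lines instead of logging empty records
            sock.sendto(rfc3164_packet(line, **kw), (server, port))
            sent += 1
    return sent


# Constructed sample, modelled on the log lines in the reply above.
SAMPLE = [
    "631/tcp open  ipp     CUPS 1.4\n",
    "\n",
    "OS details: Linux 2.6.19 - 2.6.31\n",
]

if __name__ == "__main__":
    # 127.0.0.1 is a placeholder for the syslog server's address.
    print(send_report(SAMPLE, "127.0.0.1"), "datagrams sent")
```

UDP syslog is unauthenticated and unacknowledged, so the returned count is the number of datagrams handed to the network stack, not the number the server stored.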

