Snort mailing list archives

Syslog trouble


From: Michael J Clark <clarkmic () pobox upenn edu>
Date: Tue, 29 May 2001 14:09:44 -0400 (EDT)

Hey guys,

I'm sure this is an easy question but it's been giving me trouble for a while.

I can't seem to get anything to log to syslog.  Logging is fine in the 
directories (I'm using 1.7).

This is the command line:  snort -i eth1 -D -s -l /var/log/snort

In snort.conf I've tried output: alert_syslog: LOG_AUTH LOG_INFO

I have also tried without that and still nothing.  Im testing with the rule

alert any any any <> any any (msg: "STUFF: ";)


I'd like to see the alerts go to /var/log/messages.  My syslog.conf looks 
to be ok.  Haven't changed it from the default (rh 7.1).

Please reply to my address as well (I use digests).  Thanks


Mike


