Snort mailing list archives

AW: (Snort-users) ACID and portscan reporting

From: <sandro.poppi () wacker com>
Date: Wed, 17 Oct 2001 08:43:00 +0200


The FAQ says to change the output line in your snort.conf to:

output database: alert, mysql, user=user dbname=snort host=localhost

My question is, does this stop snort from logging to the log file and
the database?  I like that I have it logging to both.  Sorry,
I'm new to
this.


Karen,

you can add additional output modules to log to syslog, e.g. I'm using a mysql
AND syslog alerting using the follwing lines in snort.conf:

output alert_syslog: LOG_AUTH LOG_ALERT LOG_PID
output database: alert, mysql, user=user password=xxxx dbname=snort
host=localhost sensor_name=ids01

Take a look at the snort manual shipped with snort 1.8.1 (or in the
documentation section of www.snort.org) to get more info about the ouput modules
and their options.

HTH,
Sandro


_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

AW: (Snort-users) ACID and portscan reporting sandro.poppi (Oct 16)