Snort mailing list archives
AW: Snmp traps v 1 ( cont ... )
From: "Poppi, Sandro" <Sandro.Poppi () wacker com>
Date: Fri, 22 Feb 2002 15:26:35 +0100
Marcelo,
Sandro, Thanks for the help !
Anytime! [snip]
Do you know the program I can use to send snmp traps v 1 ?
On our Solaris 8 (Sparc) I found /usr/sbin/snmp_trapsend which seems to be what you need. I've never tested it and am not a Solaris guru so you'll have to try yourself ;)
How can I log things in an easy way to identify the atacks ( something like sneeze output ) in one place ( not directories only a file with the alerts ) ?
I use the output alert_syslog option in snort.conf to log to syslog. If you would prefer a single file for snort alerts you might use output alert_syslog: LOG_LOCAL0 LOG_ALERT LOG_PID and edit /etc/syslog.conf and add something like local0.* <put-in-your-path-and-filename-here> Ahm, I tested this with linux, should be similiar with solaris. Then use swatch to send trap. HTH, Sandro _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- AW: Snmp traps v 1 ( cont ... ) Poppi, Sandro (Feb 22)