Re: Email alert and porscan.log on a daily basis

[matt <mkettler () evi-inc com>]

Personally I have a small script in my daily cron that emails me the 
logfiles and then rotates them.

My script is quick, dirty, and might not work for you, but this is the 
basic crux of the script is below (and yes I've modified my email address 
to an invalid one in case someone is foolish enough to not change it :)
-----------------------------

SNORTLOGS=/var/log/snort

mail -s"Snort: Alerts" mkettler_snort () evi-inc com < ${SNORTLOGS}/alert
mail -s"Snort: Portscans Summary" mkettler_snort () evi-inc com < ${SNORTLOGS}/log

rm ${SNORTLOGS}/alert.2
mv ${SNORTLOGS}/alert.1 ${SNORTLOGS}/alert.2
mv ${SNORTLOGS}/alert ${SNORTLOGS}/alert.1


rm ${SNORTLOGS}/log.2
mv ${SNORTLOGS}/log.1 ${SNORTLOGS}/log.2
mv ${SNORTLOGS}/log ${SNORTLOGS}/log.1


At 03:52 PM 5/31/2002 -1000, JEFF Collins wrote:
> I would like to setup SNORT to email the alert and portscan information 
> for each day, on a daily basis to multiple recipients.  Does anyone have 
> recommendations on a good way to go about doing this?
>
> Thanks,
>
> Jeff


_______________________________________________________________

Don't miss the 2002 Sprint PCS Application Developer's Conference
August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users