Re: Syslog output other file

[Matt Kettler <mkettler () evi-inc com>]

The syslog will output via syslog.. ie: the system log daemon, not direct 
file IO.

As an application, snort has no direct control over where syslog puts the 
data, that's up to the configuration of the syslogd. Most systems configure 
the syslog to log *.info to /var/log/messages.

If you want to use syslog and specify where things go, edit your 
/etc/syslog.conf or whatever file is appropriate for the syslogd you are using.

If you don't really want to use the system logger, try output log_tcpdump 
(fast binary logging) or output log_unified and output alert_unified.

Note: unless you understand how syslog works, I'd recommend not using it 
with snort.

At 04:12 PM 4/19/2002 -0300, Carlos Augusto Silva wrote:
> Hello people,
> I need configure snort to output syslog on other file.
> I using:
> output alert_syslog: <facility> <priority> /directory/file
>
> What a correct sintaxe from the command ?
>
> Tanks for all,
>
> Carlos
> Brazil


_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users