Snort mailing list archives
Re: Remote syslog server using snort.conf
From: Wayne T Work <securitygauntlet () snet net>
Date: Sat, 24 Aug 2002 23:48:55 -0400
Try uncommenting these lines is the conf and fill in the data for SYSlog and MySQL
This example will create a rule type that will log to syslog
# and a mysql database.
# ruletype redalert
# {
# type alert
# output alert_syslog: LOG_AUTH LOG_ALERT
# output database: log, mysql, user=snort dbname=snort host=localhost
# }
At 11:14 PM 8/24/2002 -0400, Sandy Taylor wrote:
I have read through the manual and FAQ. I found how to log to a remote syslog server at the command line and how to log to a syslog server on the local machine. But what I want to do is both log to a MySQL database and a remote syslog server. Thusly, I have to use the snort.conf to log to both right? So, the 10k dollar question is how do I configure snort.conf to log to a remote syslog server? Can I specify a port (other than the default)? Any suggestions would be appreciated. Thank you. ------------------------------------------------------- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
------------------------------------------------------- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Remote syslog server using snort.conf Sandy Taylor (Aug 24)
- Re: Remote syslog server using snort.conf Michael Boman (Aug 24)
- Re: Remote syslog server using snort.conf Sandy Taylor (Aug 24)
- Re: Remote syslog server using snort.conf Wayne T Work (Aug 24)
- Re: Remote syslog server using snort.conf Christopher Cook (Aug 25)
- Re: Remote syslog server using snort.conf Sandy Taylor (Aug 24)
- Re: Remote syslog server using snort.conf Michael Boman (Aug 24)
- Re: Remote syslog server using snort.conf Wayne T Work (Aug 24)
- Re: Remote syslog server using snort.conf Frank Knobbe (Aug 25)