Re: snort + logsurfer

[Erik Fichtner <emf () servervault com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Fri, Dec 06, 2002 at 09:04:58AM -0200, Wilson A. Galafassi Jr. wrote:
> any help-me to run logsurfer with snort for send SMS messages when a
> critical event occour???


well, it's not exactly that easy.   Logsurfer is pretty powerful, so
your question is really a lot like "Can anyone help me run perl with
snort to send SMS messages...."

But, a long while back I got a wild hair and started putting up some
simple logsurfer examples based on my real conf file. [1]  
With the logsurfer docs, this might get you on the road to doing 
something with snort&logsurfer:
        http://www.obfuscation.org/emf/logsurfer/snort.txt

(granted, all the example does is capture big batches of events
from a particular source and ship it off to you in a large email,
so you'll undoubtably want to make changes when using SMS.)


[1] I never really got anywhere with this, though, so most people
will be pretty disappointed in the examples.   Someday I may finish.
maybe.

- -- 
Erik Fichtner
Security Administrator, ServerVault Corp.
703-652-5900
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (FreeBSD)

iD8DBQE98MihQ7EzrewLMS0RAr4aAKDWtDQu2Q3pxR+Yai/LXHkTt5HXlQCgt7xr
qHaVtTbZ1vjawH5QBp9y7+s=
=Drk4
-----END PGP SIGNATURE-----


-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users