Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Logging to file and to event log [RMC-7D9HBQ4]

From: "Romulo M. Cholewa" <rmc () rmc eti br>
Date: Wed, 29 Jan 2003 23:34:06 -0300
Hi All,

I'm very happy with snort, now sending the alerts to the windows application event log, and EventSentry or PD Monitor 
emailing me.

But I want to start using snort2html, and when I use the -E switch it simply stops logging to file.

Is there any way to make snort send the alerts to the application eventlog AND to the alert.ids file ?


Thanks!


Romulo M. Cholewa
Home : http://www.rmc.eti.br
Forum: http://zeus.rmc.eti.br/forum
PGP Keys Available @ website.

     'All that we are is the result of what we have thought'     
                                                                 
                                                                 


]-----Mensagem original-----
]De: Benjamin Feen [mailto:benjy () feen com] 
]Enviada em: quarta-feira, 29 de janeiro de 2003 20:46
]Para: snort-users () lists sourceforge net
]Assunto: Script to delete old alerts from MySQL db?
]
]
]Hiya,
]
]
]I'm using Snort 1.9 with MySQL 3.23.54.  I'm looking to 
]automatically cull log entries older than a given number of 
]days from the database. A number of almost-usable scripts are 
]out there, but I haven't found one that really suits me.  
]Anyone have a script they're proud of that they'd like to share?
]
]--
]Benjamin Feen
]benjamin(AT)feen.com
]http://www.monkeybagel.com
]
]
]-------------------------------------------------------
]This SF.NET email is sponsored by:
]SourceForge Enterprise Edition + IBM + LinuxWorld = Something 
]2 See! http://www.vasoftware.com 
]_______________________________________________
]Snort-users mailing list
]Snort-users () lists sourceforge net
]Go to this URL to change user options or unsubscribe: 
]https://lists.sourceforge.net/lists/listinfo/sn]ort-users
]
]Snort-users list archive: 
]http://www.geocrawler.com/redir-sf.php3?list=snort-users
]


-------------------------------------------------------
This SF.NET email is sponsored by:
SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See!
http://www.vasoftware.com
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: