RE: Snort Syslog Alerts on Win32

[Rich Adamson <radamson () routers com>]

> Unfortunately, using the command line parameter for syslog is 
> not an option, exactly because I don't want to clobber the other 
> output plug-ins in the snort.conf file.  And it probably will not 
> work anyway under Win32 (see the post/rant I just sent to the list).  
> It appears that  "syslog" under Win32 really means "Event Log", 
> which just will not do. 
>
> Presuming that Snort under Win32 will some day really support syslog 
> output, hopefully then there will also be a "host=" and "port="
> option for the alert_syslog plug-in. 

Not sure why the rant, but I've been using snort (v1.8.x -> current)
with local and remote syslog consistently on a Win2kPro box (as well 
as Linux). Nothing goes to the Event Log.

Before ranting further, it might be helpful to those on the list to
understand exactly what you're trying to accomplish.




-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users