A little Off Topic : syslog configuration

[Dave Morrow <david.morrow () autodata net>]

Hi all. My question is a little off topic, but hopefully someone will be
kind enough to lend a hand.

I am in the process of actually performing some intrusion detection, using
Snort, ACID, etc. and am having some degree of difficulties with Syslog.
What I would like to do is have syslog messages which originate from a
specific host, put in a specific logfile for insertion into the snort
database by logsnorter.  How would one configure syslog.conf to force all
messages coming from say host1 into a particular file ex. /var/log/host1.log

David Morrow
Systems Technical Lead, IT Operations
P: (519) 951-6079
F: (519) 451-6615
mailto: david.morrow () autodata net <mailto:david.morrow () autodata net> 
 
......poor planning on your part does not make an emergency on my
part........

 This message has originated from Autodata Solutions.  The attached material
is the Confidential and Proprietary Information of Autodata Solutions. This
email and any files transmitted with it are confidential and intended solely
for the use of the individual or entity to whom they are addressed. If you
have received this email in error please delete this message and notify the
Autodata system administrator at  Administrator () autodata net
<mailto:Administrator () autodata net <mailto:Administrator () autodata net> >





-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users