Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Snort alerts to multiple syslog servers

From: Erek Adams <erek () snort org>
Date: Mon, 29 Sep 2003 10:35:15 -0400 (EDT)
On Fri, 26 Sep 2003, Douglas McCrea wrote:


I'm using Snort 2.02 on a Windows 2000 server. I would like to send
alerts to multiple Syslog servers because we are sharing our data with
our Information Security office as well as analyzing it ourselves. I've
noticed that if I list more than one syslog server, the data is just
repeated in the log twice for only one syslog server. Is there a way to
send to multiple syslog servers using Windows 2000?


I'm not sure if you can do it on a Win32 box or not.  Your best bet might
be to log to a local syslog server and have _that_ forward onto other
hosts.

If you can't do that, use an intermediary *NIX box to do it.

Cheers!

-----
Erek Adams

   "When things get weird, the weird turn pro."   H.S. Thompson


-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: