Snort mailing list archives

how to make a single unified syslog file


From: ke chen <fancyblue_kurt () yahoo com>
Date: Fri, 25 Jun 2004 11:42:37 -0700 (PDT)

Hi all,
I would like Snort to output log messages to
syslogd, and use logrotate to handle log file
management.

the following is my configuration of snort and syslog

snort.conf
# Step #1: Set the network variables:
var HOME_NET 10.0.0.0/24
var EXTERNAL_NET any
# Step #2: Configure preprocessors
preprocessor stream4: detect_scans, detect_state_problems
preprocessor stream4_reassemble
preprocessor flow: stats_interval 0 hash 2
preprocessor frag2: timeout 60, memcap 4194304
preprocessor portscan: $HOME_NET 5 60 /var/log/snort/snort.log
# Step #3: Configure output plugins
output alert_syslog: LOG_AUTH LOG_ALERT

in syslog.conf
auth.=alert -/var/log/snort/snort.log

However, Snort not only generates the snort.log file but
also produces some other files. What I want is just
one single file containing all NIDS findings which can
be managed by syslogd.

Could someone help me to solve this problem?

By the way, I would also like to know how to compile
Snort with a static library. In some previous posts, it
is said to configure LDFLAG=static, but I really need
more detailed info about it.

Thank you in advance.

Best Regards,
kurt
 




                