Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: SnortALog with Snort

From: jeremy.chartier () free fr
Date: Mon, 19 Jul 2004 10:23:06 +0200
Very easy to use ;)

If you are using snort with database plugin you must stop.
All snort's alerts must redirect in a file. So, you can use the syslog
option in snort.conf or perform snort like that :
snort -A none -CDIepbi eth0 -c snort.conf -s ""
or
snort -A fast -CDIepbi eth0 -c snort.conf
or
snort -A full -CDIepbi eth0 -c snort.conf
This is examples, obviously you can use other snort's options.

Eventually, you must redirect your alert file in SnortALog like that :
cat alert.ids | ./snortalog.pl -n 20 -report
or
./snortalog.pl -n 20 -report -file alert.ids

Jérémy




With help of this documentation Snort, Apache, PHP, MySQL, ACID on Redhat 9.0
Installation Guide , 
 I have done the configurations. It is runs well with the browser . but i
would like to configure SnortALog as well , to get out put with some graph. 


Can v configure SnortALog with snort ?
I have done the configurations according to the SnortALog manual . 
But i can't understand how it use with snort .......plz help me


thanx in advance
chandana





-------------------------------------------------------
This SF.Net email is sponsored by BEA Weblogic Workshop
FREE Java Enterprise J2EE developer tools!
Get your free copy of BEA WebLogic Workshop 8.1 today.
http://ads.osdn.com/?ad_idG21&alloc_id040&op=click
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: