Snort mailing list archives

Re: Alert in syslog file

From: James Riden <j.riden () massey ac nz>
Date: Fri, 15 Oct 2004 16:01:36 +1300

"Raffael Maio" <Vador () urbanet ch> writes:

Hi,

I see that all my alerts are sending to the syslog system. Is is
obligatory??!? 

How can I remove that option  ?! Because the syslog file becomes very bigger
when there is lot of alert !!!


I find the syslog file useful for grepping through, etc. - you can
always set something like logwatch, or a shell script up to roll the
file over every day, e.g.

alert - today, current
alert.1 - yesterday's 'alert'
alert.2 - day before, etc.

cheers,
 Jamie
-- 
James Riden / j.riden () massey ac nz / Systems Security Engineer
Information Technology Services, Massey University, NZ.
GPG public key available at: http://www.massey.ac.nz/~jriden/





-------------------------------------------------------
This SF.net email is sponsored by: IT Product Guide on ITManagersJournal
Use IT products in your business? Tell us what you think of them. Give us
Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more
http://productguide.itmanagersjournal.com/guidepromo.tmpl
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

Alert in syslog file Raffael Maio (Oct 14)
- Re: Alert in syslog file James Riden (Oct 14)
- Re: Alert in syslog file prabu (Oct 14)
  - RE: Alert in syslog file Raffael Maio (Oct 15)
  - Re: Alert in syslog file Jose Maria Lopez (Oct 16)