Snort mailing list archives
Re: syslog output
From: Joel Esler <joel.esler () sourcefire com>
Date: Mon, 22 May 2006 16:44:38 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Yes, Barnyard can output via the alert_syslog module. Joel hchlai () netscape net wrote:
Awesome. It works perfectly! However, wouldn't it hamper the performance of Snort? I run barnyard on the same box too, would it be possible to configure barnyard to send syslog to a remote syslog server? Thanks! HinSuk -----Original Message----- From: rmkml <rmkml () free fr> To: hchlai () netscape net Sent: Mon, 22 May 2006 18:08:23 +0200 (CEST) Subject: Re: [Snort-users] syslog output Hi, snort syslog localy, and run syslogd/syslog-ng to remote syslog srv ... Regards Rmkml On Mon, 22 May 2006, hchlai () netscape net wrote:Date: Mon, 22 May 2006 12:00:20 -0400 From: hchlai () netscape net To: snort-users () lists sourceforge net Subject: [Snort-users] syslog output> > Can I configure Snort (running on Linux) to do syslog output to a syslog > server? It seems "output alert_syslog: host=192.168.1.1, LOG_AUTH LOG_ALERT" > doesn't work. > I can see Snort is running, but the traffic is not going to the appropriate > syslog server. It just don't do anything.Anybody has similar situation? HinSuk ___________________________________________________ Try the New Netscape Mail Today! Virtually Spam-Free | More Storage | Import Your Contact List http://mail.netscape.com -------------------------------------------------------> Using Tomcat but need to do more? Need to support web services, security? > Get stuff done quickly with pre-integrated technology to make your job easier > Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo > http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users___________________________________________________ Try the New Netscape Mail Today! Virtually Spam-Free | More Storage | Import Your Contact List http://mail.netscape.com ------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
- -- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFEciK1KbCSyXHckt4RAlw+AJ9sjpbVg9GptUaO7xUEz3Kftjr86wCgkA/K 2g53NkjDvUaBdsvGuBomusA= =Pb1l -----END PGP SIGNATURE----- ------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- syslog output hchlai (May 22)
- Re: syslog output James Lay (May 22)
- Message not available
- Re: syslog output hchlai (May 22)
- Re: syslog output Joel Esler (May 22)
- Re: syslog output hchlai (May 22)
- <Possible follow-ups>
- RE: syslog output Drew Burchett (May 22)