Re: syslog output

[Joel Esler <joel.esler () sourcefire com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Yes, Barnyard can output via the alert_syslog module.

Joel

hchlai () netscape net wrote:
> Awesome. It works perfectly! However, wouldn't it hamper the performance
> of Snort? I run barnyard on the same box too, would it be possible to
> configure barnyard to send syslog to a remote syslog server?
>
> Thanks!
>
> HinSuk
>
>
> -----Original Message-----
> From: rmkml <rmkml () free fr>
> To: hchlai () netscape net
> Sent: Mon, 22 May 2006 18:08:23 +0200 (CEST)
> Subject: Re: [Snort-users] syslog output
>
> Hi,
> snort syslog localy,
> and run syslogd/syslog-ng to remote syslog srv ...
> Regards
> Rmkml
>
> On Mon, 22 May 2006, hchlai () netscape net wrote:
>
> > Date: Mon, 22 May 2006 12:00:20 -0400
> > From: hchlai () netscape net
> > To: snort-users () lists sourceforge net
> > Subject: [Snort-users] syslog output
>  > > Can I configure Snort (running on Linux) to do syslog output to a
> syslog > server? It seems "output alert_syslog: host=192.168.1.1,
> LOG_AUTH LOG_ALERT" > doesn't work.
>  > I can see Snort is running, but the traffic is not going to the
> appropriate > syslog server. It just don't do anything.
> > Anybody has similar situation?
> >
> > HinSuk
> >
> > ___________________________________________________
> > Try the New Netscape Mail Today!
> > Virtually Spam-Free | More Storage | Import Your Contact List
> > http://mail.netscape.com
> >
> >
> >
> > -------------------------------------------------------
>  > Using Tomcat but need to do more? Need to support web services,
> security?
>  > Get stuff done quickly with pre-integrated technology to make your
> job easier
>  > Download IBM WebSphere Application Server v.1.0.1 based on Apache
> Geronimo
>  > http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
> > _______________________________________________
> > Snort-users mailing list
> > Snort-users () lists sourceforge net
> > Go to this URL to change user options or unsubscribe:
> > https://lists.sourceforge.net/lists/listinfo/snort-users
> > Snort-users list archive:
> > http://www.geocrawler.com/redir-sf.php3?list=snort-users
>
>
> ___________________________________________________
> Try the New Netscape Mail Today!
> Virtually Spam-Free | More Storage | Import Your Contact List
> http://mail.netscape.com
>
>
>
> -------------------------------------------------------
> Using Tomcat but need to do more? Need to support web services, security?
> Get stuff done quickly with pre-integrated technology to make your job
> easier
> Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
> http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
> _______________________________________________
> Snort-users mailing list
> Snort-users () lists sourceforge net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users

- --
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFEciK1KbCSyXHckt4RAlw+AJ9sjpbVg9GptUaO7xUEz3Kftjr86wCgkA/K
2g53NkjDvUaBdsvGuBomusA=
=Pb1l
-----END PGP SIGNATURE-----


-------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users