Re: Snort + email alerts

["Drew Burchett" <DrewB () united-systems com>]

I've heard a number of people recommend swatch for sending alert emails.
I haven't tried it yet, but it sounds like a good solution.

 

Drew Burchett

United Systems & Software

http://www.united-systems.com

Phone:  (270)527-3293

Fax:     (270)527-3132

 

  _____  

From: snort-users-bounces () lists sourceforge net
[mailto:snort-users-bounces () lists sourceforge net] On Behalf Of Denis
Morejon Lopez
Sent: Monday, June 12, 2006 3:28 PM
To: lista-snort
Subject: [Snort-users] Snort + email alerts

 

Hello colleagues:

 

I read the snort faq but I got nothing specific about email some
important alerts, such as the ones with levels 1 and 2 in the
classification.config file.

I set the output keyword to alert_syslog in the snort.conf so that i
could send emails later, and then some files were created in
/var/log/snort/  endeed, but the LogWatch does not want to get the
information into those files and it only send alerts from the kernel.

 

Is there another tool to send emails ? 

How can I fix LogWatch or snort to send the alerts ?

Remember I would only need the must important alerts by email!

 

Thank you!

 

 

 

 


--
CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is for the sole use of the intended 
recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or 
distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and 
destroy all copies of the original message.

-- 
This message has been scanned for viruses and dangerous content by MailScanner and is believed to be clean.

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users