Re: Question about Syslog

[Martin Holste <mcholste () gmail com>]

Your options for running syslog on Windows are limited and non-free.
Have you considered running a completely free VirtualBox instance of
another OS?  Otherwise, I'd recommend Splunk personal edition, which
runs on Windows.

On Thu, Apr 19, 2012 at 2:52 PM, Craft, Robert
<Robert.Craft () atlanticare org> wrote:
> Warning, I’m not an expert or even good at this.
>
>
>
> This is the way I set up the one I’m running:
>
> output alert_syslog: host=localhost:514, LOG_AUTH LOG_ALERT
>
> (that host= entry seems to be it)
>
>
>
> and the command line via .bat
>
> c:\snort\bin\snort -i 2 -s -l c:\snort\log\ -c c:\snort\etc\snort.conf
>
>
>
> SysLogServer might have some useful features, I’ve not tried it yet.
>
>
>
> www.brothersoft.com/downloads/syslog-server.html
>
>
>
> ftp://ftp.heanet.ie/disk1/sourceforge/s/project/sy/syslog-server/syslog-server/1.2.x/Help.pdf
>
>
>
>
>
>
>
> ________________________________
>
> From: Bo [mailto:bo.sun () aurenav com]
> Sent: Wednesday, April 18, 2012 8:39 AM
> To: snort-users () lists sourceforge net
> Subject: [Snort-users] Question about Syslog
>
>
>
> Hi, everyone!
>
>
> I have installed snort in my windows system, but I want to ask two questions
> realtes to syslog.
>
> Firstly, I really encounter a problem when I want my Snort output log into
> kiwisyslog.
>
> My configurateion for syslog is in snort.conf :
> output alert_syslog: host=127.0.0:514, LOG_AUTH LOG_ALERT
>
> And my command for start Snort is :
> C:\Snort\bin\snort -i4 -s -l c:\snort\log\ -c c:\snort\etc\snort.conf
>
> But there is no log file into kiwisyslog.
>
> Could you help me point out what's wrong with configuration or what the
> problem may it is?
>
>
>
>
> Secondly,I really want to know is if there are other syslog servers apart
> from Kiwi Syslog server that I can use in order to remotely monitor a
> network and if there are performance issues for each one of them that I
> should consider for my choice e.g. if one provides quicker alerts, uses a
> lot of memory etc.
>
> p.s. Windows 7 of Windows XP system.
>
> Thank you for your time so much!!
>
> Looking forward your reply!
>
> Thanks & Regards,
> Bo
>
>
> ------------------------------------------------------------------------------
> For Developers, A Lot Can Happen In A Second.
> Boundary is the first to Know...and Tell You.
> Monitor Your Applications in Ultra-Fine Resolution. Try it FREE!
> http://p.sf.net/sfu/Boundary-d2dvs2
> _______________________________________________
> Snort-users mailing list
> Snort-users () lists sourceforge net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>
> Please visit http://blog.snort.org to stay current on all the latest Snort
> news!

------------------------------------------------------------------------------
For Developers, A Lot Can Happen In A Second.
Boundary is the first to Know...and Tell You.
Monitor Your Applications in Ultra-Fine Resolution. Try it FREE!
http://p.sf.net/sfu/Boundary-d2dvs2
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!