Snort mailing list archives

Send snort alerts via syslog to ArcSight

From: Pablo Atiaga <pablo.atiaga () e-govsolutions net>
Date: Thu, 27 Sep 2012 15:36:00 -0500

Hi everyone.

I need to send snort alert to ArcSight via syslog, i found a 
configuration just changing one line in the snort.conf but it doesn't 
work. I already try sending events with other application and with 
barnyard and work, but i need to send from snort directly because that's 
the only way to send all the parameters correctly. I'm using snort 2.9.3.1.

Thanks for any help that you could provide me,.

Regards.

-- 
Pablo Alberto Atiaga Galeas
IT Security Specialist
EGOVERMENT SOLUTIONS S.A.
+593-93343553
+593-92709534
skype: pablo_ati_g


------------------------------------------------------------------------------
Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics
Download AppDynamics Lite for free today:
http://ad.doubleclick.net/clk;258768047;13503038;j?
http://info.appdynamics.com/FreeJavaPerformanceDownload.html
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!

Current thread:

Send snort alerts via syslog to ArcSight Pablo Atiaga (Sep 27)
- Re: Send snort alerts via syslog to ArcSight beenph (Sep 27)