Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Unrecognised syslog facility/priority in snort

From: Mayur Patil <ram.nath241089 () gmail com>
Date: Fri, 11 Oct 2013 14:51:14 +0530
Hello Pravin Sir,

   The thing I found strange is :

    *On client machine(snort installed), *
    location: /var/log/messages
    I am getting logs as  *http://fpaste.org/46026/*
    in which euca-cc messages and snort rule alert messages are getting
logged


    *On log server machine,*
    Only euca-cc messages are getting logged but snort rule alert message
gets dropped at same timestamp 12:44:44,

    I want to log snort alert into syslog.

    The difference I observed is:   *http://fpaste.org/46029*

    I think this is what we called bad log samples  :)

    Seeking for guidance,

    Thanks !
 *
--
*
*Cheers,
mayur*

------------------------------------------------------------------------------
October Webinars: Code for Performance
Free Intel webinars can help you accelerate application performance.
Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from 
the latest Intel processors and coprocessors. See abstracts and register >
http://pubads.g.doubleclick.net/gampad/clk?id=60134071&iu=/4140/ostg.clktrk
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Previous By Date Next
Previous By Thread Next

Current thread: