Snort mailing list archives

Sending syslog alerts from Snort on ArchLinux on RPI b+


From: David Futsi <bg31bf () student sunderland ac uk>
Date: Mon, 23 Mar 2015 18:45:25 +0000

Hi,
I'm issuing the command

snort -d -h 192.168.1.0/24 -c /etc/snort/snort.conf -s

and on the syslog server I have Syslog Watcher 4.7.4 on Windows 7. Then
I set up a rule for the rules.conf file to alert on ICMP packets. When I ping
from the Windows machine to the Raspberry Pi, the ICMP traffic is reported
within the console if Snort is run with the -A console option. But when the -s
option is selected it doesn't send alerts to the syslog server. I did
configure the snort.conf in the syslog section with the IP address and port
514 of the syslog server, but still no dice.

Am I missing something?