Re: Email alerts

[lists () packetmail net]

On 02/24/16 10:18, Mikey van der Worp wrote:
> Thats a lot of information!
>
> Anyhow.. I think this helps him a bit more..
>
> http://www.linuxsecurity.com/content/view/117377/49/

Great article, for 'destination email_alert_script {program
("/usr/local/bin/alert_mail.sh "); }; ' I recommend pointing to mini-sendmail
since you don't need a local MTA and you can point it to upstream without
dealing with traditional local relay issues:

meow://acme.com/software/mini_sendmail/

I use it here and it works well, even over IPv4 and IPv6 networks.  You might
have to do a subshell for piping to create the originator headers like Date,
From, To, Subject, etc.

Nice link Mikey thank you for sharing it.  A easy use case for ARUN might be
just to tail -f --follow=name with some grep (maybe -P for PCRE) piped to
mini_sendmail.

ARUN, what are you looking for specifically?

------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
http://www.snort.org


Please visit http://blog.snort.org for the latest news about Snort!