Snort mailing list archives

(no subject)

From: snort () barid com
Date: Sat, 20 May 2017 22:49:20 +0100




hello
i installed the ids snort on ubuntu and now i want to send his alerts to
syslog ,
so i uncommented the line : output alert_syslog: LOG_AUTH LOG_ALERT from 
snort.conf , 
next i tested alerts with a simple snort rule to alert when icmp requests
occurs
my probleme is that the syslog file changes everytime not just when i send
requests 
 so i can't know how to extract and read alerts 
thank you
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!

Current thread:

(no subject) Juan Garcia (Apr 05)
- <Possible follow-ups>
- (no subject) Tidiane Seck (Apr 27)
- (no subject) Tidiane Seck (Apr 27)
- (no subject) Сергей Филоненко (Apr 28)
- (no subject) Nita Asyari (May 01)
- (no subject) lujain obeidat (May 08)
- (no subject) VICTOR ANDRES HERRERA GARCIA(Estudiante) (May 12)
- (no subject) ‫moon sun‬ ‫ (May 18)
  - Re: (no subject) Joel Esler (jesler) (May 19)
- (no subject) snort (May 20)
- (no subject) Ширясов Александр (May 22)
- (no subject) Frederic Lubrano via Snort-users (Jun 16)