[Snort-devel] syslog logging in 1.7beta5

Karl Lovink karl at ...127...
Thu Nov 23 01:42:22 EST 2000


Marty,

Isn't it somewhat inconsistent. For the database logging you have to specify
wether you want the log or alert entries and for syslog you get probably
everything.


Karl

-----Oorspronkelijk bericht-----
Van: snort-devel-admin at lists.sourceforge.net
[mailto:snort-devel-admin at lists.sourceforge.net]Namens Martin Roesch
Verzonden: donderdag 23 november 2000 6:38
Aan: Karl Lovink
CC: snort-devel at lists.sourceforge.net
Onderwerp: Re: [Snort-devel] syslog logging in 1.7beta5


Karl Lovink wrote:
>
> I found out the hard way that the conifiguration of the output plugins has
> been changed from 1.6 to 1.7. The database I got running again but I have
> still problems with the syntax of the syslog output plugin.
>
> I tried:
>
> output syslog: log, LOG_AUTH LOG_ALERT
>
> But no success. What wrong?

Umm, you don't need the "log," in there.  Try it like this:

output syslog: LOG_AUTH LOG_ALERT

    -Marty

--
Martin Roesch
roesch at ...48...
http://www.snort.org
_______________________________________________
Snort-devel mailing list
Snort-devel at lists.sourceforge.net
http://lists.sourceforge.net/mailman/listinfo/snort-devel




More information about the Snort-devel mailing list