[Snort-devel] syslog logging in 1.7beta5

Karl Lovink karl at ...127...
Thu Nov 23 01:42:22 EST 2000


Isn't it somewhat inconsistent. For the database logging you have to specify
wether you want the log or alert entries and for syslog you get probably


-----Oorspronkelijk bericht-----
Van: snort-devel-admin at lists.sourceforge.net
[mailto:snort-devel-admin at lists.sourceforge.net]Namens Martin Roesch
Verzonden: donderdag 23 november 2000 6:38
Aan: Karl Lovink
CC: snort-devel at lists.sourceforge.net
Onderwerp: Re: [Snort-devel] syslog logging in 1.7beta5

Karl Lovink wrote:
> I found out the hard way that the conifiguration of the output plugins has
> been changed from 1.6 to 1.7. The database I got running again but I have
> still problems with the syntax of the syslog output plugin.
> I tried:
> output syslog: log, LOG_AUTH LOG_ALERT
> But no success. What wrong?

Umm, you don't need the "log," in there.  Try it like this:

output syslog: LOG_AUTH LOG_ALERT


Martin Roesch
roesch at ...48...
Snort-devel mailing list
Snort-devel at lists.sourceforge.net

More information about the Snort-devel mailing list