[Snort-devel] syslog output plugin patch

Michael Davis mike at ...27...
Fri Apr 6 23:38:55 EDT 2001


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

This patch adds the ability to send all alerts generated by the
syslog output plugin to a remote server. I saw this request on the
snort-users list a while back and had some time tonight so I whipped
it up.  This code works on UNIX and WIN32. Depending on what platform
it is compiled on.

The diff is against snort-1.7 NOT against the CVS source. Sorry about
that but I want to use this in my WIN32 port and have not updated the
WIN32 port to latest CVS yet.

To use it all you need to do is add the host to your output line
configuration args.

For example: 
output alert_syslog: LOG_AUTH LOG_ALERT host=chaos.datanerds.net

It supports all facilities/priorities the normal syslog output plugin
did.

Have fun,
Michael Davis
Chief Technical Officer
Data Nerds, LLC.
http://www.datanerds.net

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>

iQA/AwUBOs6Lu/iUqZ9dnoKsEQI2nACgwSkekb+I/KYcIzdGx9PNdYaX2LYAni6J
uTYsgUAjqG5lGEGIfxeHyhia
=0roC
-----END PGP SIGNATURE-----

-------------- next part --------------
A non-text attachment was scrubbed...
Name: syslog.diff
Type: application/octet-stream
Size: 7213 bytes
Desc: not available
URL: <https://lists.snort.org/pipermail/snort-devel/attachments/20010406/0f57bee0/attachment.obj>


More information about the Snort-devel mailing list