[Snort-devel] syslog output plugin patch

Martin Roesch roesch at ...402...
Sun May 6 22:50:41 EDT 2001


Ok, I've finally gotten around to patching this code in, it's been
committed in CVS.

   -Marty


Michael Davis wrote:
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> This patch adds the ability to send all alerts generated by the
> syslog output plugin to a remote server. I saw this request on the
> snort-users list a while back and had some time tonight so I whipped
> it up.  This code works on UNIX and WIN32. Depending on what platform
> it is compiled on.
> 
> The diff is against snort-1.7 NOT against the CVS source. Sorry about
> that but I want to use this in my WIN32 port and have not updated the
> WIN32 port to latest CVS yet.
> 
> To use it all you need to do is add the host to your output line
> configuration args.
> 
> For example:
> output alert_syslog: LOG_AUTH LOG_ALERT host=chaos.datanerds.net
> 
> It supports all facilities/priorities the normal syslog output plugin
> did.
> 
> Have fun,
> Michael Davis
> Chief Technical Officer
> Data Nerds, LLC.
> http://www.datanerds.net
> 
> -----BEGIN PGP SIGNATURE-----
> Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>
> 
> iQA/AwUBOs6Lu/iUqZ9dnoKsEQI2nACgwSkekb+I/KYcIzdGx9PNdYaX2LYAni6J
> uTYsgUAjqG5lGEGIfxeHyhia
> =0roC
> -----END PGP SIGNATURE-----
> 
>   ------------------------------------------------------------------------
>                   Name: syslog.diff
>    syslog.diff    Type: unspecified type (application/octet-stream)
>               Encoding: quoted-printable

--
Martin Roesch
roesch at ...402...
http://www.sourcefire.com - http://www.snort.org




More information about the Snort-devel mailing list