[Snort-devel] problem with syslog

jeremy chartier jeremy.chartier at ...879...
Thu Mar 27 06:54:10 EST 2003


Thanks Rich but I always have the problem with the activation of this 
output (on Unix plateform).

>Jeremy,
>
>I had the same problem with the Win32 v2 code. The issue was the
>syslog function was apparently redefined to now require an output
>plugin definition. Add something like this to snort.conf:
>  output alert_syslog: LOG_AUTH LOG_ALERT
>and all should be fine. (At least it is in Win32 v2.)
>
>Rich
>
>------------------------
>  
>
>>I have problem with snort-2.0.0rc1 when I try to send alert via syslog.
>>I do that : snort-2.0.rc1 -A full -CdIpbi eth0 -c 
>>/etc/snort-2.0.rc1/snort.conf -l /var/log/snort/ -s ""
>>
>>and this error message appears before stop snort's intance :
>>-*> Snort! <*-
>>Version 2.0.0rc1 (Build 61)
>>By Martin Roesch (roesch at ...402..., www.snort.org)
>>(null)(0) => No arguments to alert_syslog preprocessor!
>>
>>This works fine with 1.9.X
>>    
>>
>
>
>
>
>  
>







More information about the Snort-devel mailing list