[Snort-users] Syslog and SNORT
fygrave at ...121...
Wed Apr 4 13:44:10 EDT 2001
On Tue, Apr 03, 2001 at 05:19:24PM -0400, Tom Sevy wrote:
> I would like to log *everything* from snort, but I don't want it
> broadcasting to users or the console. I keep a single system running that
> catches syslogs from all systems on my network, and then, based on filtering
> & criteria, I send out pager notifications.
> This may be more of an OS question (I am on FreeBSD 4.2-RELEASE). But how
> could I accomplish this?
Probably has more to do with your syslog configuration, althrough you could tune syslog facility/loglevel too. (have a look into snort.conf, look for syslog spo comments).
More information about the Snort-users