[Snort-users] Snort logging to syslog
erek at ...577...
Wed Apr 11 10:04:03 EDT 2001
On Wed, 11 Apr 2001, Christopher Meiklejohn wrote:
> I am running solaris 2.6 and snort 1.7. In the snort.conf file.. when I tell it to log to syslog..
> ex.( output alert_syslog: LOG_LOCAL6 LOG_ALERT)
> It still logs to /var/log/messages?
> Is there somthing I am missing here?
Yes. /etc/syslog.conf :)
You need to have a line that reads something like:
Then "touch /var/log/snort.log" and kill -HUP on syslog and you should be
ready to go!
More information about the Snort-users