[Snort-users] Help with output alert_syslog
sean.redmond at ...1928...
Fri Apr 27 12:52:49 EDT 2001
I'm confused about configuring output plugins. In my snort.conf I have the line
output alert_syslog: snort.alert
which works fine, but I can't get the syslog output working. If I have in
output alert_syslog: LOG_LOCAL5 LOG_ALERT
and in /etc/syslog.conf:
Shouldn't that work? Traffic get logged in snort.alert (in the directory I
specified with the -l switch on the command line) but not in /var/log/snort
(This is snort 1.7, on RedHat 6.1).
More information about the Snort-users