[Snort-users] Logging alerts two places at once

Martin Roesch roesch at ...421...
Fri Jan 26 00:23:29 EST 2001

Yeah, specify the output plugins in the conf file.  For what you're
asking for, you'd want to do something like:

output syslog: LOG_AUTH LOG_ALERT
output full: alert

That ought to do it.


Lance Spitzner wrote:
> Any way of logging alerts two places at once?
> For examples, lets say I want to log alerts FAST to
> syslogd and log FULL to /var/log/snort
> Any idea how?
> --
> Lance Spitzner
> http://project.honeynet.org
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> http://lists.sourceforge.net/lists/listinfo/snort-users

Martin Roesch
roesch at ...421...

More information about the Snort-users mailing list