[Snort-users] Logcheck and Snort
srbrown at ...1498...
Wed Mar 7 09:09:21 EST 2001
I've got logcheck tuned to monitor my snort alert and portscan logs
only. Check for new alerts every 15 minutes and mails them to me. I
also log to MySQL and do the analysis using ACID. The combination works
pretty well for me but YMMV.
Bob Staaf wrote:
> Hello all,
> Is anyone out there using Logcheck with Snort? I know there are far
> more robust ways to monitor Snort logs but for now that is not an option. I
> will be looking at this tonight to see if I can find a solution but want to
> avoid reinventing the wheel if someone else has already dealt with this.
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
Sean R. Brown - srbrown at ...1498...
System Administrator Applied Geographics, Inc. Boston, MA
More information about the Snort-users