[Snort-users] Logcheck and Snort

Sean Brown srbrown at ...1498...
Wed Mar 7 09:09:21 EST 2001


I've got logcheck tuned to monitor my snort alert and portscan logs
only.  Check for new alerts every 15 minutes and mails them to me.  I
also log to MySQL and do the analysis using ACID.  The combination works
pretty well for me but YMMV.

Sean

Bob Staaf wrote:
> 
> Hello all,
> 
>      Is anyone out there using Logcheck with Snort?  I know there are far
> more robust ways to monitor Snort logs but for now that is not an option.  I
> will be looking at this tonight to see if I can find a solution but want to
> avoid reinventing the wheel if someone else has already dealt with this.
> 
> Thanks
> 
> Bob
> 
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> http://lists.sourceforge.net/lists/listinfo/snort-users

-- 
~~~~~~~~~~~~~~~
Sean R. Brown - srbrown at ...1498...
System Administrator   Applied Geographics, Inc.   Boston, MA




More information about the Snort-users mailing list