[Snort-users] Syslog problem???

Rich Adamson radamson at ...2127...
Fri May 25 14:01:45 EDT 2001


Is anyone else having problems with generating syslog messages from
snort v1.7 either in the unix or win32 environment?

I'm having difficulty getting a correct/reasonable "facility" name 
associated with snort generating syslog messages. The snort.conf file
contains:
  output alert_syslog: LOG_LOCAL2 LOG_WARNING
however the syslog messages continue to be generated with a syslog
header of <81>. The <81> translates into Facility=10 (undefined) and
Priority= 1 (LOG_ALERT).

Other parameters within snort.conf function correctly.

Anyone?

Rich





More information about the Snort-users mailing list