[Snort-users] syslog viewer

darek darek at ...6535...
Mon Aug 5 13:29:04 EDT 2002


The way I have it set up is that I start snort with the -s flag set.

In /etc/syslogd.conf you can specify:
!snort
*.*                                             @some.host.on.your.net

All alerts will be sent to that host. We use the Kiwi Syslog Daemon for 
Windows. It displays syslog messages from many different hosts; router 
messages, root logins, ftp sessions, smtp monitors, and snort.


spyguy wrote:

>Hello all,
>
>I would like to have all of my snort sensors log to syslog and have syslog 
>sent to a single server. Unfortunately, I don't feel like reading through a 
>ton of syslog via ssh. I would rather view it on some sort script-generated 
>html page.
>
>Anyone have any recommendations? Is anyone doing any syslog output, and if 
>yes, how do you view the logs?
>
>Thanks in advance.
>
>
>-------------------------------------------------------
>This sf.net email is sponsored by:ThinkGeek
>Welcome to geek heaven.
>http://thinkgeek.com/sf
>_______________________________________________
>Snort-users mailing list
>Snort-users at lists.sourceforge.net
>Go to this URL to change user options or unsubscribe:
>https://lists.sourceforge.net/lists/listinfo/snort-users
>Snort-users list archive:
>http://www.geocrawler.com/redir-sf.php3?list=ort-users
>
>
>  
>






More information about the Snort-users mailing list