[Snort-users] Snort, ACID and portscan.log
crcook at ...6518...
Fri Aug 9 09:05:03 EDT 2002
I currently have Snort running on one box and doing all the spiffy mySQL
logging to another centrally located machine. It's set to log alerts
and does that just fine. Snort is set to log portscans and send them to
a portscan file locally to the snort box. I didn't see any options in
Snort to send the portscan file to the remote log server so that ACID
can access it. Is there a way to send the file to the remote log server
through Snort, or do I need to set a job to do it every night or so?
Security and Support Specialist
Office of Information Technology
More information about the Snort-users