[Snort-users] Snort, ACID and portscan.log

Christopher Cook crcook at ...6518...
Fri Aug 9 09:05:03 EDT 2002


I currently have Snort running on one box and doing all the spiffy mySQL 
logging to another centrally located machine.  It's set to log alerts 
and does that just fine.  Snort is set to log portscans and send them to 
a portscan file locally to the snort box.  I didn't see any options in 
Snort to send the portscan file to the remote log server so that ACID 
can access it.  Is there a way to send the file to the remote log server 
through Snort, or do I need to set a job to do it every night or so?

Chris Cook
Security and Support Specialist
Office of Information Technology
Oakland University





More information about the Snort-users mailing list