[Snort-users] Remote syslog server using snort.conf

Wayne T Work securitygauntlet at ...3130...
Sat Aug 24 20:50:02 EDT 2002


Try uncommenting these lines is the conf and fill in the data for SYSlog 
and MySQL

This example will create a rule type that will log to syslog
# and a mysql database.
# ruletype redalert
# {
#   type alert
#   output alert_syslog: LOG_AUTH LOG_ALERT
#   output database: log, mysql, user=snort dbname=snort host=localhost
# }

At 11:14 PM 8/24/2002 -0400, Sandy Taylor wrote:
>I have read through the manual and FAQ. I found how to log to a remote
>syslog server at the command line and how to log to a syslog server on the
>local machine.
>
>  But  what I want to do is both log to a MySQL database and a remote syslog
>server. Thusly, I have to use the snort.conf to log to both right? So, the
>10k dollar question is how do I configure snort.conf to log to a remote
>syslog server? Can I specify a port (other than the default)?
>
>Any suggestions would be appreciated.
>
>Thank you.
>
>
>
>-------------------------------------------------------
>This sf.net email is sponsored by: OSDN - Tired of that same old
>cell phone?  Get a new here for FREE!
>https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390
>_______________________________________________
>Snort-users mailing list
>Snort-users at lists.sourceforge.net
>Go to this URL to change user options or unsubscribe:
>https://lists.sourceforge.net/lists/listinfo/snort-users
>Snort-users list archive:
>http://www.geocrawler.com/redir-sf.php3?list=snort-users





More information about the Snort-users mailing list