[Snort-users] snort + logsurfer

Erik Fichtner emf at ...367...
Fri Dec 6 07:57:04 EST 2002


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Fri, Dec 06, 2002 at 09:04:58AM -0200, Wilson A. Galafassi Jr. wrote:
> any help-me to run logsurfer with snort for send SMS messages when a
> critical event occour???


well, it's not exactly that easy.   Logsurfer is pretty powerful, so
your question is really a lot like "Can anyone help me run perl with
snort to send SMS messages...."

But, a long while back I got a wild hair and started putting up some
simple logsurfer examples based on my real conf file. [1]  
With the logsurfer docs, this might get you on the road to doing 
something with snort&logsurfer:
	http://www.obfuscation.org/emf/logsurfer/snort.txt

(granted, all the example does is capture big batches of events
from a particular source and ship it off to you in a large email,
so you'll undoubtably want to make changes when using SMS.)


[1] I never really got anywhere with this, though, so most people
will be pretty disappointed in the examples.   Someday I may finish.
maybe.

- -- 
Erik Fichtner
Security Administrator, ServerVault Corp.
703-652-5900
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (FreeBSD)

iD8DBQE98MihQ7EzrewLMS0RAr4aAKDWtDQu2Q3pxR+Yai/LXHkTt5HXlQCgt7xr
qHaVtTbZ1vjawH5QBp9y7+s=
=Drk4
-----END PGP SIGNATURE-----




More information about the Snort-users mailing list