[Snort-users] Remote Syslogging.

Erek Adams erek at ...577...
Fri Dec 6 11:55:05 EST 2002


On Fri, 6 Dec 2002, Patrick Williams wrote:

> I add the syslog switch, -s, and put this statement in my syslog.conf,
> "*snort*        @managmentserverIP           #Forward Snort msg to mgmt
> station"

[...snip...]

Well, for one, there is not facility called 'snort'.  Snort defaults to
use auth.alert for it's syslog info, but that can be changed.

-----
Erek Adams
Nifty-Type-Guy
TheAdamsFamily.Net




More information about the Snort-users mailing list