[Snort-users] Remote Syslogging.

Erek Adams erek at ...577...
Fri Dec 6 11:55:05 EST 2002

On Fri, 6 Dec 2002, Patrick Williams wrote:

> I add the syslog switch, -s, and put this statement in my syslog.conf,
> "*snort*        @managmentserverIP           #Forward Snort msg to mgmt
> station"


Well, for one, there is not facility called 'snort'.  Snort defaults to
use auth.alert for it's syslog info, but that can be changed.

Erek Adams

More information about the Snort-users mailing list