[Snort-users] Remote Syslogging.
erek at ...577...
Fri Dec 6 11:55:05 EST 2002
On Fri, 6 Dec 2002, Patrick Williams wrote:
> I add the syslog switch, -s, and put this statement in my syslog.conf,
> "*snort* @managmentserverIP #Forward Snort msg to mgmt
Well, for one, there is not facility called 'snort'. Snort defaults to
use auth.alert for it's syslog info, but that can be changed.
More information about the Snort-users