[Snort-users] How to use the Various Outplugins present in the SnortCenter

Alberto Gonzalez albertg at ...7149...
Fri Dec 6 23:53:02 EST 2002


I don't use SnortCenter. Though snort comes with all those capabilities. 
alert_fast and alert_smb in your snort.conf under
output plugins. Now again I don't use snortcenter, you can use either 
alert_syslog or -s on the command line and configure
swatch to watch your logs. I'm sure you can hack-up a script to run from 
cron to enter /var/log/snort (or wherever you log)
and e-mail you the stuff periodically. I know this doesn't discuss 
anything related to snortcenter, but hopes it gives you some
ideas.

Cheers!

    - Alberto

Atul Shrivastava wrote:

> *Hello,*
> ** 
> *I have successfully setup and running Snort with your great software 
> SnortCenter. Now I want to configure the Outplugin for*
>
>     * *Alert SMB (Send WinPopup alert messages to netbios named
>       machine) and also *
>     * *Alert Fast (Print snort alerts in a quich one line format) *
>     * *And can I directly mail the alerts to some email id from the
>       snort center itself because it can cause the alerts to be
>       e-mailed instantly. It means that we provide some email id at
>       the time of configuration and then some predefined alerts are
>       emailed to that id along with storing in the database and syslog.*
>
> *So, Can you help me in this regard. Basically I want to know how can 
> we configure that all. Can you mail me some document regarding this 
> issue.*
> *Thanks in advance.*
> ** 
> *Redards and have a nice day,*
> ** 
> *                                                Atul Shrivastava*
> ** 


-- 
The secret to success is to start from scratch and keep on scratching.






More information about the Snort-users mailing list