[Snort-users] Snort and logging

Lars Norman Søndergaard Lars.Sondergaard at ...4885...
Wed Feb 6 06:34:55 EST 2002


All,

 

I'm running Snort 1.8.3 on Win2K - my problem is that I would like to log
alerts to a syslog server (on another machine) but I would still like to
have alert.ids

I assumed that I should do something like

 

 {

   type alert

   output alert_syslog: LOG_AUTH LOG_ALERT

   output alert_full: alert-full.txt

 }

 

It seems that I need to specify snort -l c:\snort\log, otherwise snort.exe
will complain about /var/log/

 

What am I doing wrong here?


Thanks 
Lars

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20020206/c00976ad/attachment.html>


More information about the Snort-users mailing list