[Snort-users] Snort and logging

Lars Norman Søndergaard Lars.Sondergaard at ...4885...
Wed Feb 6 06:34:55 EST 2002



I'm running Snort 1.8.3 on Win2K - my problem is that I would like to log
alerts to a syslog server (on another machine) but I would still like to
have alert.ids

I assumed that I should do something like



   type alert

   output alert_syslog: LOG_AUTH LOG_ALERT

   output alert_full: alert-full.txt



It seems that I need to specify snort -l c:\snort\log, otherwise snort.exe
will complain about /var/log/


What am I doing wrong here?


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20020206/c00976ad/attachment.html>

More information about the Snort-users mailing list