[Snort-users] AW: Snmp traps v 1 ( cont ... )
Sandro.Poppi at ...3316...
Fri Feb 22 06:28:04 EST 2002
> Thanks for the help !
> Do you know the program I can use to send snmp traps v 1 ?
On our Solaris 8 (Sparc) I found /usr/sbin/snmp_trapsend which seems to be
what you need. I've never tested it and am not a Solaris guru so you'll have
to try yourself ;)
> How can I log things in an easy way to identify the attacks (something like
> sneeze output) in one place (not directories, only a file with the alerts)?
I use the output alert_syslog option in snort.conf to log to syslog. If you
would prefer a single file for snort alerts you might use
output alert_syslog: LOG_LOCAL0 LOG_ALERT LOG_PID
and edit /etc/syslog.conf and add something like
Ahm, I tested this with Linux, should be similar with Solaris.
Then use swatch to send the trap.
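
As an added example (not part of the original message): a small Python filter doing the job the post assigns to swatch, picking Snort alerts out of the single syslog file and choosing which ones warrant a trap. The log lines, host name, rule IDs and priority threshold are constructed assumptions, and the layout assumed is Snort's usual syslog alert line; sending the trap itself is left to the tool named in the post.

```python
import re
from collections import Counter

# Constructed sample of the single file syslog would write for facility local0
# (host name, PIDs, addresses, rule IDs and messages are made up).
SAMPLE_LOG = """\
Feb 22 06:28:04 ids1 snort[412]: [1:1000001:1] EXAMPLE ICMP probe [Classification: Attempted Information Leak] [Priority: 2]: {ICMP} 192.0.2.10 -> 198.51.100.5
Feb 22 06:28:09 ids1 sshd[388]: Accepted password for admin from 192.0.2.77 port 4021
Feb 22 06:29:41 ids1 snort[412]: [1:1000002:2] EXAMPLE web attack [Classification: Web Application Attack] [Priority: 1]: {TCP} 192.0.2.10:3312 -> 198.51.100.5:80
Feb 22 06:30:02 ids1 snort[412]: truncated line without a rule id
"""

# Assumed layout:
# snort[pid]: [gid:sid:rev] msg [Classification: c] [Priority: n]: {PROTO} src -> dst
ALERT_RE = re.compile(
    r"snort(?:\[\d+\])?: \[(?P<gid>\d+):(?P<sid>\d+):(?P<rev>\d+)\] (?P<msg>.*?)"
    r"(?: \[Classification: (?P<cls>[^\]]*)\])?"
    r"(?: \[Priority: (?P<prio>\d+)\])?:?"
    r" \{(?P<proto>\w+)\} (?P<src>\S+) -> (?P<dst>\S+)$"
)

def parse_alerts(text):
    """Return one dict per Snort alert line; other syslog lines are skipped."""
    alerts = []
    for line in text.splitlines():
        m = ALERT_RE.search(line.rstrip())
        if not m:
            continue
        a = m.groupdict()
        a["sid"] = int(a["sid"])
        a["prio"] = int(a["prio"]) if a["prio"] else None
        alerts.append(a)
    return alerts

def select_for_trap(alerts, max_prio=1):
    """Snort priority 1 is the most severe; keep alerts at least that severe."""
    return [a for a in alerts if a["prio"] is not None and a["prio"] <= max_prio]

def summarize(alerts):
    """Count alerts per (source address, message) for a one-file overview."""
    return Counter((a["src"].split(":")[0], a["msg"]) for a in alerts)

if __name__ == "__main__":
    found = parse_alerts(SAMPLE_LOG)
    for (src, msg), n in summarize(found).items():
        print(f"{n:3d}  {src:15s}  {msg}")
    for a in select_for_trap(found):
        print("would send trap for sid", a["sid"], a["src"], "->", a["dst"])
```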