[Snort-users] Snort ---> syslog

spy spyguy703 at ...741...
Thu Jun 20 23:29:02 EDT 2002


Anyone have any experience with snort logging to syslog?
I have a few questions before i 'try' it.

1) Are logs and alerts LACKING useful data that you would normally get with 
regular snort logging?

2) Are you using any correlation tools like NetForensics or something else?

3) Can you send syslog from multiple snort sensors to one syslog server and 
run swatch? If yes, what do you like/not like about doing it this way?


Thanks in advance!
spyguy





More information about the Snort-users mailing list