[Snort-users] Snort ---> syslog
spyguy703 at ...741...
Thu Jun 20 23:29:02 EDT 2002
Anyone have any experience with snort logging to syslog?
I have a few questions before i 'try' it.
1) Are logs and alerts LACKING useful data that you would normally get with
regular snort logging?
2) Are you using any correlation tools like NetForensics or something else?
3) Can you send syslog from multiple snort sensors to one syslog server and
run swatch? If yes, what do you like/not like about doing it this way?
Thanks in advance!
More information about the Snort-users