[Snort-users] Lost in the config file

K. A. Steensma keith at ...6181...
Wed Jun 26 21:07:02 EDT 2002


John Sage wrote:
> On Wed, Jun 26, 2002 at 08:56:31PM -0500, K. A. Steensma wrote:
> 
>>This is a very small portion of a old message -
>>
>>-s xxx.xxx.xxx.xxx:xxx
>>*** This works properly ***
>>

I'm afraid that I depended on someone elses message -
-----Original Message-----
From: Michael Steele [mailto:michaels at ...155...]
Sent: Thursday, June 20, 2002 9:25 AM
To: dlpassport at ...6137...
Subject: RE: [Snort-users] Problems logging to syslog and mysql 
simultaneously

DL,
We are working on this problem.

1. You can log to local Syslog?
*** Only when using -s ***

Using what method?

1. output alert_syslog: LOG_AUTH LOG_ALERT
    output alert_full
  *** This doesn't log at all ***

2. -s xxx.xxx.xxx.xxx:xxx
*** This works properly ***

3. Item 2 is local or remote?
*** When using a -s, this works locally and remotely ***
-----Original Message-----

What I really want to do is to log everything to a machine behind the 
main firewall and inside the protected LAN, but I don't find a method to 
do it.





More information about the Snort-users mailing list