[Snort-users] mailing alerts

Semerjian, Ohanes Semerjian.Ohanes at ...4899...
Mon Mar 18 19:32:02 EST 2002


Thanks Sam,

I was avoiding the syslog coz that mean that data is been logged twice once
to mysql and also to syslog, but it seams that there is/are no other way to
achieve this.

Best Regards

Ohanes Semerjian

-----Original Message-----
From: Sam Evans [mailto:sam at ...5202...]
Sent: Tuesday, 19 March 2002 14:11
To: Semerjian, Ohanes; snort-users at lists.sourceforge.net
Subject: Re: [Snort-users] mailing alerts


One suggestion would be to use 'swatch' to watch your raw alert logs, and
set it up to mail on different event matches from within 'swatch'.  It would
be independent of your ACID and mysql, but is still very effective.

-Sam


----- Original Message -----
From: "Semerjian, Ohanes" <Semerjian.Ohanes at ...4899...>
To: <snort-users at lists.sourceforge.net>
Sent: Monday, March 18, 2002 6:31 PM
Subject: [Snort-users] mailing alerts


> Currently I'm running Snort which logs to mysql and ACID. Is there a way
to
> e-mail alerts of interest automatically...!
>
> Ideas are appreciated.
>
> Best Regards
>
> Ohanes Semerjian
>
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>
>





More information about the Snort-users mailing list