[Snort-users] Logging to Remote syslog server

Rich Adamson radamson at ...2127...
Sun Mar 31 17:37:05 EST 2002


Terry,
Yes it can. Check out the -s command line option.
It's something like -s 192.168.1.1 which sends syslog alerts to that
IP address. You can specify a port different than the default udp514
as well. Might also check the man pages to see what Facility and Priority
is used as default values.
Rich
------------------------
>    Just trying to find a way to log to a remote syslog server WITHOUT using the local syslog 
server as a forward.... Can this even be done? I haven't found and info on this becides logging 
to the local syslog server and then having that write to the remote server...
> Any help would be great....  Thanx.





More information about the Snort-users mailing list