[Snort-users] Logging to Remote syslog server
radamson at ...2127...
Sun Mar 31 17:37:05 EST 2002
Yes it can. Check out the -s command line option.
It's something like -s 192.168.1.1 which sends syslog alerts to that
IP address. You can specify a port different than the default udp514
as well. Might also check the man pages to see what Facility and Priority
is used as default values.
> Just trying to find a way to log to a remote syslog server WITHOUT using the local syslog
server as a forward.... Can this even be done? I haven't found and info on this becides logging
to the local syslog server and then having that write to the remote server...
> Any help would be great.... Thanx.
More information about the Snort-users