[Snort-users] How to configure Logwatch

Kenny D bitored2002 at ...3162...
Mon May 20 07:23:02 EDT 2002


Hi, 

I was looking at getting logwatch working.  I edited
/etc/log.d/logwatch.conf:

# Default Log Directory
# All log-files are assumed to be given relative to
this directory.
# This should be /var/log on just about all systems...
LogDir = /var/log/snort

hoping that it might pick up on the alert file that
lives there.

But now I'm thinking that I'll have to write my own
perl script under /etc/log.d/scripts. That scripts
directory seems to have service specific scripts in
it.

If this is the case, has anyone done this already?  I
am not a perl programmer but a network admin. What is
required to get logwatch to watch my snort logfile?

Thanks.

http://briefcase.yahoo.com.au - Yahoo! Briefcase
- Save your important files online for easy access!




More information about the Snort-users mailing list