[Snort-users] snort/syslog/Win2k

L. Christopher Luther CLuther at ...6333...
Tue Apr 22 13:17:20 EDT 2003

There are a number of 'free' syslog daemons[0] for Win2K, but by default,
the Snort Win2K 'syslog' functionality writes data to the local Application
Event Log.  

You used to have to use a tweaked '-s ipaddr:514' command line parameter in
versions of Win32 Snort previous to 2.0 to get Snort to send syslog messages
to a syslog daemon on another computer.  In fact, this is exactly what I do.
My two Win32 Snort sensors send syslog alerts to a central Win32 syslog

- Christopher 

[0] http://is-it-true.org/nt/nt2000/atips/atips105.shtml - See Kiwi and 3COM
at the bottom of the page.

-----Original Message-----
From: Julian Brown [mailto:jbrown at ...8965...]
Sent: Tuesday, April 22, 2003 3:28 PM
To: snort-users at lists.sourceforge.net
Subject: [Snort-users] snort/syslog/Win2k

I want to be able to get emails of alerts.

But I only have Win2K machines, I do not have UNIX.  Can I still use the 
alert_syslog, but not have a Linux/UNIX machine that can process the syslog 

