[Snort-users] Setting up snort to syslog diffrent priority's

L. Christopher Luther CLuther at ...6333...
Tue Apr 29 09:13:19 EDT 2003

Check out the Snort docs [0], but the option you're probably looking for is:

    output alert_syslog: <facility> <priority> <options>

- Christopher

[0] http://www.snort.org/docs/writing_rules/chap2.html#tth_sEc2.5.1

-----Original Message-----
From: Jason A. Kates [mailto:jason at ...9065...]
Sent: Tuesday, April 29, 2003 12:26 AM
To: snort-users at lists.sourceforge.net
Subject: [Snort-users] Setting up snort to syslog diffrent priority's

What I am looking to do is to have snort do remote logging via syslog.

Currently all of the syslog messages received from my snort
installation are being logged with a syslog level of info.

I would like to map the snort Priorities to syslog levels and I don't
seem to see how to do it.

I would like to be able to setup a mapping such as:
snort priority: 1  to syslog level err
snort priority: 2  to syslog level warning
snort priority: 3  to syslog level notice

If my configurations or startup script would be of any use please let me
			Thanks -Jason

Jason A. Kates (jason at ...9065...) 
Fax:    208-975-1514

This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
Snort-users list archive:

More information about the Snort-users mailing list