[Snort-users] sending alerts by email / active response Win2K system [RMC-J7FLJI4]
L. Christopher Luther
CLuther at ...6333...
Tue Jan 28 11:17:04 EST 2003
Ask and ye shall receive:
EventSentry Light - http://www.netikus.net/products_downloads.html
I've not compared the functionality of EventSentry Light to the original
EventWatchNT, but I really liked EventWatchNT. For a freeware Event Log
monitor, it just could not be beat (IMHO).
I personally like the freeware version of Kiwi Syslog Daemon, but
unfortunately, the filter/trigger e-mail functionality is only available in
the registered product. (sigh...)
From: "Michael Steele" <michaels at ...155...>
To: "'Romulo M. Cholewa'" <rmc at ...8111...>,
<snort-users at lists.sourceforge.net>
Subject: RE: [Snort-users] sending alerts by email / active response Win2K
Date: Tue, 28 Jan 2003 07:44:52 -0800
You will need something like Syslog Daemon and run the alerts through that.
It has an option of emailing on certain triggers. If you find a free tool
that works, please let us Windows folks know. The alerts can be sent to the
Event Viewer, application log in Windows and if you can find something to
parse that file and alert, that would be great.
Michael Steele | System Engineer / Support Technician
mailto:michaels at ...155...
Silicon Defense: IDS solutions - http://www.silicondefense.com
Snort: Open Source Network IDS - http://www.snort.org
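
Added example, not part of either message above and not code from Snort or any of the tools named: a sketch of the "email on certain triggers" step for Snort alerts that arrive as syslog lines. The alert line layout, the sample lines, the addresses and the relay host are assumptions.

```python
import re
import smtplib
from email.message import EmailMessage

# Constructed sample syslog lines (not from the thread); sid 1000001/1000002 are made-up local rules.
SAMPLE = [
    "<33>Jan 28 11:02:10 sensor1 snort: [1:1000001:1] LOCAL cmd.exe in URI "
    "[Classification: Web Application Attack] [Priority: 1]: {TCP} 192.0.2.10:3345 -> 198.51.100.5:80",
    "<36>Jan 28 11:02:14 sensor1 snort: [1:1000002:1] LOCAL ping sweep "
    "[Classification: Attempted Information Leak] [Priority: 2]: {ICMP} 192.0.2.10 -> 198.51.100.5",
    "<30>Jan 28 11:02:20 sensor1 sshd[411]: session opened for user admin",
]

# Assumed layout: [gid:sid:rev] msg [Classification: c] [Priority: n]: {PROTO} src -> dst
ALERT_RE = re.compile(
    r"\[(?P<gid>\d+):(?P<sid>\d+):(?P<rev>\d+)\]\s+(?P<msg>.*?)\s+"
    r"(?:\[Classification:\s*(?P<cls>[^\]]*)\]\s+)?\[Priority:\s*(?P<prio>\d+)\]:?\s+"
    r"\{(?P<proto>[^}]+)\}\s+(?P<src>\S+)\s+->\s+(?P<dst>\S+)")

def parse_alert(line):
    """Return the alert fields as a dict, or None for non-Snort lines."""
    m = ALERT_RE.search(line)
    if m is None:
        return None
    alert = m.groupdict()
    alert["prio"] = int(alert["prio"])
    return alert

def triggered(lines, max_priority=1):
    """Alerts at or above the trigger level (Snort priority 1 is the most severe)."""
    alerts = (parse_alert(line) for line in lines)
    return [a for a in alerts if a and a["prio"] <= max_priority]

def _clean(text):
    # Rule messages end up in a mail header: drop CR/LF and other control characters.
    return "".join(ch for ch in text if ch.isprintable())[:200]

def build_mail(alert, sender, recipient):
    mail = EmailMessage()
    mail["From"], mail["To"] = sender, recipient
    mail["Subject"] = _clean(f"[snort] P{alert['prio']} sid {alert['sid']}: {alert['msg']}")
    mail.set_content(f"{alert['proto']} {alert['src']} -> {alert['dst']}\n"
                     f"classification: {alert['cls'] or 'n/a'}\n")
    return mail

def send(mail, relay="localhost"):
    # relay is an assumption: an SMTP server that accepts mail from this host
    with smtplib.SMTP(relay) as smtp:
        smtp.send_message(mail)
```
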