[Snort-users] Syslog How To

twig les twigles at ...131...
Thu Jul 17 10:24:08 EDT 2003


I think I can add a tip based on the line below.
--------------------------------------------------
If you add a line something like:

     auth.alert                @some.host.somewhere
--------------------------------------------------

Go into the file /etc/hosts and add a line like:

10.1.1.1                  syslog-server

Now in the syslog.conf you tell syslogd to send messages to
"@syslog-server" instead of telling it to send them to 10.1.1.1.
 So now if you change your syslog server IP address you don't
have to reboot syslogd, after all...the *nix world is
anti-reboot :)

=====
-----------------------------------------------------------
Emo is what happens when the glee club goes punk.       
-----------------------------------------------------------

__________________________________
Do you Yahoo!?
SBC Yahoo! DSL - Now only $29.95 per month!
http://sbc.yahoo.com




More information about the Snort-users mailing list