[Snort-users] disallowing /var/log/snort logging and interface name for windows 2000

Always Bishan bishan4u at ...1396...
Wed Jul 23 06:36:02 EDT 2003


Hi Snorters,

I have three sensors installed at my client's network.
The three sensors are configured to alert into a
central MySQL database server and they are alerting
 without problems. Now the problem is it is also
logging into flat files in the directory 
/var/log/snort.

One sensor is on Windows 2000 and 2 on Linux. Now how
do I make all the three sensors not to log into flat
files?

Now the second problem is that of sensor name. When I
view all the sensors through ACID the linux sensors
give nice name like 192.168.2.1:eth0, but for windows
2000 sensor it gives a wierd name like
NARAYANA:DeviceNPF_{A9EC2260-C221-4A05-B993-26C45EA1824C}:DeviceNPF_{A9EC2260-C221-4A05-B993-26C45EA1824C}.

How do I give a proper sensor name for Windows sensor?

Any clues, Welcome!

Regards,
BIshan 


________________________________________________________________________
Want to chat instantly with your online friends?  Get the FREE Yahoo!
Messenger http://uk.messenger.yahoo.com/




More information about the Snort-users mailing list