[Snort-users] Logging facilities...

peter.grosse-hering at ...9150... peter.grosse-hering at ...9150...
Mon May 12 03:11:04 EDT 2003


Hi,

With the implemenattion of the newest release, we want to change our logging
and alertig strategy. Now we want to downgrade rules from "alert"- to
"log"-action instead of using priorities. But: how can I log the "log" rules
in the same manner as the "alert" ones (e. g. as the format in alert_full or
alert_fast)??? Besides database logging or various binary formats, we just
want to log everything matching a rule to textfiles. Can anyone help?

Thank you,

Peter


Peter Große-Hering
IT-Consultant
GE Network Solutions
Europaring 60
40878 Ratingen
+49 (2102) 108-211
mailto:Peter.Grosse-Hering at ...9150...

Please visit our website at: http://www.gepower.com/networksolutions 





More information about the Snort-users mailing list