[Snort-users] Stealth syslog to remote server

Carol Overes message4casa at ...131...
Sat May 24 03:27:05 EDT 2003


Hi,

I'm looking for a method to sniff syslog messages on a
ethernet segment, and forward these messages to a
remote syslog server. I want to capture the syslog
messages by using snort in stealth mode. 

I have seen some articles about this matter
(http://www.linuxsecurity.com/feature_stories/snortlog-part1.html).
However, in this case a snort alert is logged to
syslog. I want to log the captured syslog packets to a
remote syslog server.

There is a script that can log to syslog, called
'snort2syslog'. But I was wondering if Snort can log
these messages by it self.

Anyone experience with this matter ?

Thanks in advance,

Carol


__________________________________
Do you Yahoo!?
The New Yahoo! Search - Faster. Easier. Bingo.
http://search.yahoo.com




More information about the Snort-users mailing list