[Snort-users] A little Off Topic : syslog configuration

Dave Morrow david.morrow at ...10082...
Tue Sep 16 09:40:01 EDT 2003


Hi all. My question is a little off topic, but hopefully someone will be
kind enough to lend a hand.

I am in the process of actually performing some intrusion detection, using
Snort, ACID, etc. and am having some degree of difficulties with Syslog.
What I would like to do is have syslog messages which originate from a
specific host, put in a specific logfile for insertion into the snort
database by logsnorter.  How would one configure syslog.conf to force all
messages coming from say host1 into a particular file ex. /var/log/host1.log

David Morrow
Systems Technical Lead, IT Operations
P: (519) 951-6079
F: (519) 451-6615
mailto: david.morrow at ...10082... <mailto:david.morrow at ...10082...> 
 
......poor planning on your part does not make an emergency on my
part........

 This message has originated from Autodata Solutions.  The attached material
is the Confidential and Proprietary Information of Autodata Solutions. This
email and any files transmitted with it are confidential and intended solely
for the use of the individual or entity to whom they are addressed. If you
have received this email in error please delete this message and notify the
Autodata system administrator at  Administrator at ...10082...
<mailto:Administrator at ...10082... <mailto:Administrator at ...10082...> >







More information about the Snort-users mailing list