LKeaton at ...10093...
Thu Sep 25 08:43:05 EDT 2003
I'm having a difficult time installing logsurfer-1.5b. I just the
./configure --prefix=/usr/local --with-etcdir=/etc. Ok it looks like it
installing just find. But when I go look for the logsurfer.conf file in
/usr/local/etc or in /etc it's not there. Any ideas?
From: Edin Dizdarevic [mailto:edin.dizdarevic at ...7509...]
Sent: Tuesday, September 23, 2003 12:46 PM
To: Keaton, Lindamaria
Cc: jon baer; snort-users at lists.sourceforge.net
Subject: Re: [Snort-users] Snort-Swatch
If you were using logsurfer I could drop you some appropriate
configuration rules. Do you have to use Swatch?
Keaton, Lindamaria wrote:
> /usr/bin/local/snort -c /etc/snort/snort.conf
> Is anyone using swatch to email alerts?
> If so, can someone tell me how to configure swatch to send entire
> content of an alert. Right now I'm getting alerts send but this is all
> I'm getting in the body of the email.
> TCP TTL:64 TOS:0x0 ID:33690 IpLen:20 DgmLen:1500 DF.
> I would like to see source, destination, time, and what the actually
> alert is. Anyone have any ideas?
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
Snort-users list archive:
More information about the Snort-users