[Snort-users] alert_syslog

Josh Berry josh.berry at ...10221...
Fri Feb 6 10:58:05 EST 2004


You can configure your syslog.conf file with:

auth.alert       /var/log/(whatever_you_want_to_call_the_file)

and then restart syslog.  I am not sure if this works with the command
line switch but it works if you use the syslog configuration in your
snort.conf file.

> Hi,
>
> Does anyone know how to sends alerts to some other file other than to
> the default syslog file (when using the -s switch command line)?
>
> Thanks in advance,
> Peggy
>
>
>
> -------------------------------------------------------
> The SF.Net email is sponsored by EclipseCon 2004
> Premiere Conference on Open Tools Development and Integration
> See the breadth of Eclipse activity. February 3-5 in Anaheim, CA.
> http://www.eclipsecon.org/osdn
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>


Thanks,
Josh Berry, CISSP
CTO, VP of Product Development
LinkNet-Solutions
469-831-8543
josh.berry at ...10268...





More information about the Snort-users mailing list