[Snort-users] barnyard: alert_syslog2 not working
Botwick, Jason (Genworth, Contractor)
Jason.Botwick at ...12522...
Thu Oct 7 16:01:29 EDT 2004
Here is my barnyard.conf file:
config hostname: x.x.x.x
config interface: x
output alert_syslog2: severity: NOTICE; facility: LOCAL1;
#output alert_syslog: LOG_LOCAL2 LOG_ALERT LOG_NDELAY
Here are the lines I added to the syslog.conf file:
I SIGHUP'd both syslogd and barnyard. I even tried rebooting once, but
Running the command:
barnyard -o snort.eth1.alert.1097060734 -c /etc/snort/barnyard.conf
produces no output in /var/log/barnyard.log.
I have Snort configured to output in unified format. I know that this is
working because I can get Barnyard to log to a database, and also the
alert_syslog plugin works fine (using the commented directive above).
Any ideas why the old syslog plugin works, but the new one doesn't? What am