[Snort-users] Alert in syslog file

prabu prabu333 at ...8908...
Thu Oct 14 23:00:12 EDT 2004

> I see that all my alerts are sending to the syslog system. Is is
> obligatory??!?
> How can I remove that option  ?! Because the syslog file becomes very 
> bigger
> when there is lot of alert !!!
> How must I do to don't send alert to syslog?
> I have removed the line in the snort.conf that send to syslog, but it
> continue to send it in syslog

If U r using snort on Windows,
then u must comment the following line in snort.conf.
# output alert_syslog: LOG_AUTH LOG_ALERT

If it is on Unix machines,
then U must comment on the line,
# output alert_syslog: LOG_AUTH LOG_ALERT

Have u commented the right one?


Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.776 / Virus Database: 523 - Release Date: 10/12/2004 

More information about the Snort-users mailing list