[Snort-users] Alert in syslog file

Jose Maria Lopez jkerouac at ...12346...
Sat Oct 16 05:47:04 EDT 2004


El vie, 15 de 10 de 2004 a las 07:57, prabu escribió:
> >
> If U r using snort on Windows,
> then u must comment the following line in snort.conf.
> # output alert_syslog: LOG_AUTH LOG_ALERT
> 
> If it is on Unix machines,
> then U must comment on the line,
> # output alert_syslog: LOG_AUTH LOG_ALERT
> 
> Have u commented the right one?
> 
> Cheers,
> Prabu.S

And obviously activate the lines with the right sentence, like:

output alert_full: /var/log/snort/alert

for instance.

-- 
Jose Maria Lopez Hernandez
Director Tecnico de bgSEC
jkerouac at ...12346...
bgSEC Seguridad y Consultoria de Sistemas Informaticos
http://www.bgsec.com
ESPAÑA

The only people for me are the mad ones -- the ones who are mad to live,
mad to talk, mad to be saved, desirous of everything at the same time,
the ones who never yawn or say a commonplace thing, but burn, burn, burn
like fabulous yellow Roman candles.
                -- Jack Kerouac, "On the Road"





More information about the Snort-users mailing list