[Fwd: RE: [Snort-users] Changing default syslog Facility:Priority for all alerts]
mtunnell at ...13707...
Tue Feb 21 11:59:02 EST 2006
Thanks for the responses. My problem turned out to be that I was
trying to configure multiple alert_syslog statements to send to
different syslog facilities and the later ones kept over-riding the
previous ones. It appears only one syslog priority may be set. So,
I'll go with one and do the parsing on the other end.
More information about the Snort-users