[Snort-users] snort not sending messages to syslog

Eric Hines eric.hines at ...8860...
Fri Feb 24 08:06:15 EST 2006


Jim,

Try running tcpdump or snort in sniffer mode with BPF filters (snort
-vXedi eth0 'src or dst port 514') to see if Snort is even sending them
out.

Are you using Syslog on the other end or Syslog-NG? Make sure Syslog is
configured properly of course.



Best Regards,

Eric Hines, GCIA, CISSP
CEO, President
Applied Watch Technologies, LLC


1095 Pingree Road
Suite 213
Crystal Lake, IL 60014
Toll Free: (877) 262-7593 ext:327
Direct: (847) 854-2725 ext:327
Fax: (847) 854-5106
Web: http://www.appliedwatch.com
Email: eric.hines at ...8860...

--------------------------------------------

"Enterprise Open Source Security Management"


Jim B wrote:
> I have configured snort to send messages to syslog but they are not being
> sent to syslog, how can I determine why the messages or alerts are not being
> sent to syslog?
> 
> 
> Jim
> 



