[Snort-users] Snort for Windows, filter for syslog ?

Turnquist,Wayne WayneTurnquist at ...12076...
Thu Jan 12 07:00:04 EST 2006


I have the newest version of Snort/BASE on Windows 2003.

I now have the rules tweaked to a point where I have very few alerts showing up in BASE.

I have Kiwi Syslog up and running, where I'm going to have very critical events sent. For example: 3 failed logins with sound alerts, log all successful logins to a file, etc.

I was wondering if it is possible to have syslog alerts sent if the classification is, for example, trojan-activity, along with logging to BASE?


thanks
wt