[Snort-users] Snort for Windows, filter for syslog ?
WayneTurnquist at ...12076...
Thu Jan 12 07:00:04 EST 2006
I have the newest version of Snort/BASE on Windows 2003.
I now have the rules tweaked to a point where I have very few alerts showing up in BASE.
I have Kiwi Syslog up and running, where I'm going to have very critical events sent. For example, 3 failed logins with sound alerts, log all successful logins to a file, etc.
I was wondering if it is possible to have syslog alerts sent if the classification is, for example, trojan-activity, along with logging to BASE?