[Snort-users] Snort + email alerts
DrewB at ...13821...
Tue Jun 13 08:10:01 EDT 2006
I've heard a number of people recommend swatch for sending alert emails.
I haven't tried it yet, but it sounds like a good solution.
United Systems & Software
From: snort-users-bounces at lists.sourceforge.net
[mailto:snort-users-bounces at lists.sourceforge.net] On Behalf Of Denis
Sent: Monday, June 12, 2006 3:28 PM
Subject: [Snort-users] Snort + email alerts
I read the snort faq but I got nothing specific about email some
important alerts, such as the ones with levels 1 and 2 in the
I set the output keyword to alert_syslog in the snort.conf so that i
could send emails later, and then some files were created in
/var/log/snort/ endeed, but the LogWatch does not want to get the
information into those files and it only send alerts from the kernel.
Is there another tool to send emails ?
How can I fix LogWatch or snort to send the alerts ?
Remember I would only need the must important alerts by email!
CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.
This message has been scanned for viruses and dangerous content by MailScanner and is believed to be clean.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-users