[Snort-users] Snort + email alerts

Drew Burchett DrewB at ...13821...
Tue Jun 13 08:10:01 EDT 2006


I've heard a number of people recommend swatch for sending alert emails.
I haven't tried it yet, but it sounds like a good solution.

 

Drew Burchett

United Systems & Software

http://www.united-systems.com

Phone:  (270)527-3293

Fax:     (270)527-3132

 

  _____  

From: snort-users-bounces at lists.sourceforge.net
[mailto:snort-users-bounces at lists.sourceforge.net] On Behalf Of Denis
Morejon Lopez
Sent: Monday, June 12, 2006 3:28 PM
To: lista-snort
Subject: [Snort-users] Snort + email alerts

 

Hello colleagues:

 

I read the snort faq but I got nothing specific about email some
important alerts, such as the ones with levels 1 and 2 in the
classification.config file.

I set the output keyword to alert_syslog in the snort.conf so that i
could send emails later, and then some files were created in
/var/log/snort/  endeed, but the LogWatch does not want to get the
information into those files and it only send alerts from the kernel.

 

Is there another tool to send emails ? 

How can I fix LogWatch or snort to send the alerts ?

Remember I would only need the must important alerts by email!

 

Thank you!

 

 

 

 


--
CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.

-- 
This message has been scanned for viruses and dangerous content by MailScanner and is believed to be clean.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20060613/661b55fd/attachment.html>


More information about the Snort-users mailing list