[Snort-users] syslog output

Joel Esler joel.esler at ...1935...
Mon May 22 13:45:05 EDT 2006


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Yes, Barnyard can output via the alert_syslog module.

Joel

hchlai at ...2792... wrote:
> Awesome. It works perfectly! However, wouldn't it hamper the performance
> of Snort? I run barnyard on the same box too, would it be possible to
> configure barnyard to send syslog to a remote syslog server?
> 
> Thanks!
> 
> HinSuk
> 
> 
> -----Original Message-----
> From: rmkml <rmkml at ...953...>
> To: hchlai at ...2792...
> Sent: Mon, 22 May 2006 18:08:23 +0200 (CEST)
> Subject: Re: [Snort-users] syslog output
> 
> Hi,
> snort syslog localy,
> and run syslogd/syslog-ng to remote syslog srv ...
> Regards
> Rmkml
> 
> On Mon, 22 May 2006, hchlai at ...2792... wrote:
> 
>> Date: Mon, 22 May 2006 12:00:20 -0400
>> From: hchlai at ...2792...
>> To: snort-users at lists.sourceforge.net
>> Subject: [Snort-users] syslog output
>  > > Can I configure Snort (running on Linux) to do syslog output to a
> syslog > server? It seems "output alert_syslog: host=192.168.1.1,
> LOG_AUTH LOG_ALERT" > doesn't work.
>  > I can see Snort is running, but the traffic is not going to the
> appropriate > syslog server. It just don't do anything.
>> Anybody has similar situation?
>>
>> HinSuk
>>
>> ___________________________________________________
>> Try the New Netscape Mail Today!
>> Virtually Spam-Free | More Storage | Import Your Contact List
>> http://mail.netscape.com
>>
>>
>>
>> -------------------------------------------------------
>  > Using Tomcat but need to do more? Need to support web services,
> security?
>  > Get stuff done quickly with pre-integrated technology to make your
> job easier
>  > Download IBM WebSphere Application Server v.1.0.1 based on Apache
> Geronimo
>  > http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
>> _______________________________________________
>> Snort-users mailing list
>> Snort-users at lists.sourceforge.net
>> Go to this URL to change user options or unsubscribe:
>> https://lists.sourceforge.net/lists/listinfo/snort-users
>> Snort-users list archive:
>> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>>
> 
> 
> ___________________________________________________
> Try the New Netscape Mail Today!
> Virtually Spam-Free | More Storage | Import Your Contact List
> http://mail.netscape.com
> 
> 
> 
> -------------------------------------------------------
> Using Tomcat but need to do more? Need to support web services, security?
> Get stuff done quickly with pre-integrated technology to make your job
> easier
> Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
> http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
> 

- --
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFEciK1KbCSyXHckt4RAlw+AJ9sjpbVg9GptUaO7xUEz3Kftjr86wCgkA/K
2g53NkjDvUaBdsvGuBomusA=
=Pb1l
-----END PGP SIGNATURE-----




More information about the Snort-users mailing list