[Snort-users] Windows snort to syslog

Cintron, Jose J. jcintron at ...312...
Mon Oct 27 11:37:04 EDT 2008

I have a snort server running on Windows ( and I have a
remote syslog server running again on a Windows server (
(using Kiwi Syslog).  My snort.conf file says...
output alert_syslog: host=, log_auth log_alert
I've tried changing the address to address port (  I
tried to send to the TCP port (1468) of the syslog server instead of
the UDP port just to check.  I have a sniffer to see all traffic from
the snort box to the syslog server.
And I don't see a thing.  What am I doing wrong (I'm sure that it's me
and not the pig).

| José J. Cintrón - <jcintron at ...312... <mailto:jcintron at ...312...> >
| MITRE Corporation
| 7515 Colshire Drive
| Mail Stop T330
| McLean, VA  22102-7508
| Phone: 703.983.3040
| Fax: 703.983.1397
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20081027/4a568b74/attachment.html>

More information about the Snort-users mailing list