ml at ...12839...
Mon Jun 11 05:47:32 EDT 2012
On 06/06/12 15:58, Jarrett Carver wrote:
> I don't believe LOG_SECURITY is a valid facility to use in the output
> alert_syslog. If you look in
> ~/snort-22.214.171.124/src/output-plugins/spo_alert_syslog.c you will see that
> only the following facility keywords are available to the syslog output:
> I would recommend changing the facility in your snort.conf
Thanks, I did and now I got what I wanted.
Though I'm wondering why LOG_SECURITY is not there, if it could be added
and whether I should have seen an error, instead of a silent failure...
bye & Thanks
More information about the Snort-users