[Snort-users] Snort and real-time alerting

Lay, James james.lay at ...15009...
Wed May 23 10:47:12 EDT 2012


> -----Original Message-----
> From: Jeronimo L. Cabral [mailto:jelocabral at ...11827...]
> Sent: Wednesday, May 23, 2012 8:41 AM
> To: snort-users at lists.sourceforge.net
> Subject: Re: [Snort-users] Snort and real-time alerting
> 
> What about Swatch ??? Is it more appropriate ???
> 
> On Wed, May 23, 2012 at 11:13 AM, Lay, James <james.lay at ...15009...> wrote:
> >> -----Original Message-----
> >> From: Jeronimo L. Cabral [mailto:jelocabral at ...11827...]
> >> Sent: Wednesday, May 23, 2012 8:10 AM
> >> To: snort-users at lists.sourceforge.net
> >> Subject: [Snort-users] Snort and real-time alerting
> >>
> >> Dear, I have a Snort 2.9 with Base running OK, but I need a real time
> >> alerting mechanism via email if possible.
> >>
> >> How can I do that ??? Any extra module to use in that way ???
> >>
> >> Special thanks
> >>
> >> JeLo
> >
> > Log to fast alert then use wots/logsurfer/logwatch to tail/watch the
> > file and email out.  Assuming linux/BSD/OSX.
> >
> > James

Hehe...whatever works :)

James




More information about the Snort-users mailing list