[Snort-users] Send snort alerts via syslog to ArcSight

Pablo Atiaga pablo.atiaga at ...15848...
Thu Sep 27 16:36:00 EDT 2012


Hi everyone.

I need to send snort alert to ArcSight via syslog, i found a 
configuration just changing one line in the snort.conf but it doesn't 
work. I already try sending events with other application and with 
barnyard and work, but i need to send from snort directly because that's 
the only way to send all the parameters correctly. I'm using snort 2.9.3.1.

Thanks for any help that you could provide me,.

Regards.

-- 
Pablo Alberto Atiaga Galeas
IT Security Specialist
EGOVERMENT SOLUTIONS S.A.
+593-93343553
+593-92709534
skype: pablo_ati_g





More information about the Snort-users mailing list