[Snort-users] Send snort alerts via syslog to ArcSight
beenph at ...11827...
Thu Sep 27 16:54:27 EDT 2012
On Thu, Sep 27, 2012 at 4:36 PM, Pablo Atiaga
<pablo.atiaga at ...15848...> wrote:
> Hi everyone.
> I need to send snort alert to ArcSight via syslog, i found a
> configuration just changing one line in the snort.conf but it doesn't
> work. I already try sending events with other application and with
> barnyard and work, but i need to send from snort directly because that's
> the only way to send all the parameters correctly. I'm using snort 18.104.22.168.
I am interested to see which parameters are missing in barnyard2
v2-1.10 syslog_full output module?
More information about the Snort-users