[Snort-users] Send snort alerts via syslog to ArcSight

beenph beenph at ...11827...
Thu Sep 27 16:54:27 EDT 2012


On Thu, Sep 27, 2012 at 4:36 PM, Pablo Atiaga
<pablo.atiaga at ...15848...> wrote:
> Hi everyone.
>
> I need to send snort alert to ArcSight via syslog, i found a
> configuration just changing one line in the snort.conf but it doesn't
> work. I already try sending events with other application and with
> barnyard and work, but i need to send from snort directly because that's
> the only way to send all the parameters correctly. I'm using snort 2.9.3.1.

All parameters?
I am interested to see which parameters are missing in barnyard2
v2-1.10 syslog_full output module?

-elz




More information about the Snort-users mailing list