[Snort-users] Unrecognised syslog facility/priority in snort

Mayur Patil ram.nath241089 at ...11827...
Thu Aug 1 06:34:41 EDT 2013


Hello,

    I have done a lot google but found post mostly regarding Barnyard; not
specific to Snort

    I also tried various blog post for remote rSyslog exportation but not
getting answer for this.

    I set logs exportation settings as per manual of snort

    output alert_syslog: host=10.1.1.1:514, <facility> <priority> <options>

    So, in snort.conf file

    #syslog

    output alert_syslog: host=ip:port, LOG_AUTH LOG_ALERT

    it gives error of unrecognised facility when I run snort in NIDS mode.

    But it does not give error for

    output alert_syslog: LOG_AUTH LOG_ALERT

    What is going wrong ?

    Please guide.

    Thanks !!


P.S. :  Snort.conf file :  http://pastebin.com/dkMRrfxp

-- 
*Cheers,
Mayur*.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20130801/fae88f0a/attachment.html>


More information about the Snort-users mailing list