[Snort-users] Sending syslog alerts from Snort on ArchLinux on RPI b+

David Futsi bg31bf at ...17126...
Mon Mar 23 14:45:25 EDT 2015


Hi,
I'm issuing the command snort -d -h 192.168.1.0/24 -c /etc/snort/snort.conf
-s and on the syslog server I have Syslog Watcher 4.7.4 on Windows 7. Then
I set up a rule for the rules.conf file to alert on ICMP packets. When I ping from
the Windows machine to the Raspberry Pi, the ICMP traffic is reported within
the console if Snort is run with the -A console option. But when the -s
option is selected it doesn't send alerts to the syslog server. I did
configure the snort.conf in the syslog section with the IP address and 514
port of the syslog server, still no dice.

Am I missing something?