[Snort-users] Sending syslog alerts from Snort on ArchLinux on RPI b+
bg31bf at ...17126...
Mon Mar 23 14:45:25 EDT 2015
I'm issuing the command snort -d -h 192.168.1.0/24 -c /etc/snort/snort.conf
-s and on the syslog server I have Syslog Watcher 4.7.4 on Windows 7. Then
I set up a rule for the rules.conf file to alert on ICMP packets. When I ping
from the Windows machine to the Raspberry Pi, the ICMP traffic is reported
within the console if Snort is run with the -A console option. But when the
-s option is selected, it doesn't send alerts to the syslog server. I did
configure the snort.conf in the syslog section with the IP address and 514
port of the syslog server; still no dice.
Am I missing something?