[Snort-users] (no subject)

snort at ...17862... snort at ...17862...
Sat May 20 17:49:20 EDT 2017

I installed the Snort IDS on Ubuntu and now I want to send its alerts to
syslog,
so I uncommented the line: output alert_syslog: LOG_AUTH LOG_ALERT in
snort.conf.
Next I tested alerts with a simple Snort rule to alert when ICMP requests
My problem is that the syslog file changes every time, not just when I send
so I don't know how to extract and read alerts.
Thank you
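
Added example (not part of the original post and not Snort project code): one way to pull only the Snort alert lines out of a busy syslog file and read their fields. The alert line layout, the sample log lines and the function names are assumptions; on a stock Ubuntu rsyslog setup, LOG_AUTH messages are normally written to /var/log/auth.log.

```python
import re

# Constructed sample of a mixed syslog file (not taken from the original post).
# Assumed layout: syslog prefix, then "[gid:sid:rev] msg", optional
# classification and priority, then "{PROTO} src -> dst".
SAMPLE_LOG = """\
May 20 17:40:01 ids CRON[2211]: pam_unix(cron:session): session opened for user root
May 20 17:41:12 ids snort[1842]: [1:1000001:1] ICMP test [Classification: Misc activity] [Priority: 3] {ICMP} 192.168.1.20 -> 192.168.1.10
May 20 17:41:13 ids sshd[2290]: Accepted password for admin from 192.168.1.20 port 51514 ssh2
May 20 17:41:15 ids snort[1842]: [1:1000001:1] ICMP test {ICMP} 192.168.1.20 -> 192.168.1.10
May 20 17:42:02 ids snort[1842]: [1:1000002:1] TCP probe [Priority: 2]: {TCP} 10.0.0.5:40112 -> 10.0.0.9:22
"""

# Only lines tagged "snort" match; the colon after "[Priority: n]" is optional
# so both spellings seen in syslog output are accepted.
ALERT_RE = re.compile(
    r"^(?P<time>\w{3}\s+\d+\s[\d:]{8})\s(?P<host>\S+)\ssnort(?:\[\d+\])?:\s"
    r"\[(?P<gid>\d+):(?P<sid>\d+):(?P<rev>\d+)\]\s(?P<msg>.*?)\s"
    r"(?:\[Classification:\s(?P<classification>[^\]]+)\]\s)?"
    r"(?:\[Priority:\s(?P<priority>\d+)\]:?\s)?"
    r"\{(?P<proto>[^}]+)\}\s(?P<src>\S+)\s->\s(?P<dst>\S+)\s*$"
)


def extract_snort_alerts(lines):
    """Return one dict per Snort alert line; all other syslog lines are skipped."""
    alerts = []
    for line in lines:
        match = ALERT_RE.match(line.rstrip("\n"))
        if match:
            alerts.append(match.groupdict())
    return alerts


def count_by_sid(alerts):
    """Count alerts per (sid, msg) to see which rule is firing and how often."""
    counts = {}
    for alert in alerts:
        key = (alert["sid"], alert["msg"])
        counts[key] = counts.get(key, 0) + 1
    return counts


if __name__ == "__main__":
    # For a real file, pass open("/var/log/auth.log") instead of the sample.
    found = extract_snort_alerts(SAMPLE_LOG.splitlines())
    for a in found:
        print(a["time"], a["sid"], a["msg"], a["proto"], a["src"], "->", a["dst"])
    print(count_by_sid(found))
```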
