[Snort-users] (no subject)

snort at ...17862... snort at ...17862...
Sat May 20 17:49:20 EDT 2017




Hello,
I installed the Snort IDS on Ubuntu and now I want to send its alerts to
syslog, so I uncommented the line: output alert_syslog: LOG_AUTH LOG_ALERT
in snort.conf.
Next I tested alerts with a simple Snort rule that alerts when ICMP requests
occur.
My problem is that the syslog file changes all the time, not just when I send
requests, so I don't know how to extract and read the alerts.
Thank you
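
An added example, not part of the original post: one way to pull only the Snort lines out of a syslog file that other programs also write to. The function names, the alert line layout and the sample log lines are constructed assumptions, as is the Ubuntu default of writing the auth facility to /var/log/auth.log.

```shell
#!/bin/sh
# Added example: separate Snort alerts from the other messages in syslog.
# Assumed line layout produced by "output alert_syslog: LOG_AUTH LOG_ALERT":
#   <date> <host> snort[<pid>]: [gid:sid:rev] msg [Priority: n] {PROTO} src -> dst

# snort_alerts: read syslog lines on stdin and print, for Snort alerts only,
#   time | gid:sid:rev | protocol | src -> dst | message
# Lines from other programs (cron, sudo, sshd, ...) are dropped.
snort_alerts() {
    sed -n -E 's/^([A-Z][a-z]{2} +[0-9]+ [0-9:]{8}) [^ ]+ snort(\[[0-9]+\])?: \[([0-9]+:[0-9]+:[0-9]+)\] (.*) \[Priority: [0-9]+\] \{([A-Z0-9-]+)\} (.*)$/\1 | \3 | \5 | \6 | \4/p'
}

# snort_alert_summary: count alerts per rule id, most frequent first.
snort_alert_summary() {
    snort_alerts | awk -F' [|] ' '{ n[$2]++ } END { for (s in n) print n[s], s }' | sort -rn
}

# Constructed sample: two ICMP test alerts mixed with unrelated auth messages,
# which is why the file keeps changing even when no ping is sent.
SAMPLE_LOG='May 20 17:40:01 ubuntu CRON[2101]: pam_unix(cron:session): session opened for user root by (uid=0)
May 20 17:40:07 ubuntu snort[1840]: [1:1000001:1] ICMP test [Priority: 0] {ICMP} 192.168.1.20 -> 192.168.1.10
May 20 17:40:08 ubuntu snort[1840]: [1:1000001:1] ICMP test [Priority: 0] {ICMP} 192.168.1.20 -> 192.168.1.10
May 20 17:40:09 ubuntu sudo: pam_unix(sudo:session): session closed for user root'

printf '%s\n' "$SAMPLE_LOG" | snort_alerts
printf '%s\n' "$SAMPLE_LOG" | snort_alert_summary
```

On a live system the same functions can read the real file, for example `snort_alerts < /var/log/auth.log`, assuming that is where the auth facility is logged.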
