Re: Snort logs
From: Nicolas Jombart (ecureuil@bouglou.net)Date: 12/21/01
- Next message: Thomas Seyrat: "Re: Snort logs"
- Previous message: Paul: "Re: can I run 2 anti-virus programs??"
- In reply to: cc_photo@mtnguy.com: "Snort logs"
- Next in thread: Thomas Seyrat: "Re: Snort logs"
- Reply: Thomas Seyrat: "Re: Snort logs"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Nicolas Jombart <ecureuil@bouglou.net> Date: Fri, 21 Dec 2001 14:32:15 +0100
* cc_photo@mtnguy.com <cc_photo@mtnguy.com>:
> In the Snort command line it's possible to send the alerts to a
> specified directory by using "-l /usr/local/bin/snort".
-l yes, but not /usr/local/bin please :-)
> My question is, using Linux, is it possible to specify a different
> Linux system?
>
> For instance, if I have Snort running on Linux box "A" and want to
> send the alerts to Linux box "B". Is this possible? And if so, what
> would the command line look like?
The easiest way is to use syslog (snort -s) and send this log entries
via network to another box (see /etc/syslog.conf).
Other ways can be Mysql or some things like dmarc.
-- ecureuil <ecureuil@bouglou.net> Ceci n'est pas une signature.
- Next message: Thomas Seyrat: "Re: Snort logs"
- Previous message: Paul: "Re: can I run 2 anti-virus programs??"
- In reply to: cc_photo@mtnguy.com: "Snort logs"
- Next in thread: Thomas Seyrat: "Re: Snort logs"
- Reply: Thomas Seyrat: "Re: Snort logs"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
