Snort and syslog.
-
Hi all,
Is there any possibility to send Snort alerts to a syslog server?
Br,
Ville
-
Not sure that this will work ATM. You can always remotely query it with exec_raw.php, however.
-
Thanks for info.
This would be a nice feature if you have a central syslog server.
Does anyone know if it's impossible to compile that feature inside
Snort? Because there is that syslog line, but I think that is not
taken as part of this compiling configuration.
Br,
Ville
-
Actually I just checked, snort is already sending items to the primary logging tab which should work with remote syslog.
-
Hi,
True if you mean the "Diagnostics: System logs: System" page, but it sends
only blocked information, not the full alert (right).
I want to send the "Services: Snort: Snort Alerts" page information to syslog.
Br,
Ville
-
Oh okay, yeah that won't work currently.