3. Snort and syslog.

Snort and syslog.

  • V

    Hi all,

    Is there any possibility to send snort alerts to syslog server?

    Br,

    Ville

    0
  • S

    Not sure that this will work ATM.  You can always remotely query it with exec_raw.php, however.

    0
  • V

    Thanks for info.

    This would be nice feature if you have central syslog-server.

    Do anyone knows if its impossible to compile that feature inside
    snort? Because there is that syslog line, but i think that is not
    taken part of this compiling configuration.

    Br,

    Ville

    0
  • S

    Actually I just checked, snort is already sending items to the primary logging tab which should work with remote syslog.

    0
  • V

    Hi,

    True if you mean "Diagnostics: System logs: System" page, but it send
    only blocked information, not full alert (right).

    I want to send syslog "Services: Snort: Snort Alerts" page information.

    Br,

    Ville

    0
  • S

    @vleinone:

    Hi,

    True if you mean "Diagnostics: System logs: System" page, but it send
    only blocked information, not full alert (right).

    I want to send syslog "Services: Snort: Snort Alerts" page information.

    Br,

    Ville

    Oh okay, yeah that won't work currently.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy