[Snort-users] how to make a single unified syslog file
From: ke chen (fancyblue_kurtyahoo.com)
Date: Fri Jun 25 2004 - 13:42:37 CDT
I would like snort to output log messages to
syslogd, and use logrotate to execute log file
The following is my configuration of snort and syslog:
#Step 1: Set the network variables:
var HOME_NET 10.0.0.0/24
var EXTERNAL_NET any
# Step #2: Configure preprocessors
preprocessor stream4: detect_scans,
preprocessor flow: stats_interval 0 hash 2
preprocessor frag2: timeout 60, memcap 4194304
preprocessor portscan: $HOME_NET 5 60
# Step #3: Configure output plugins
output alert_syslog: LOG_AUTH LOG_ALERT
However, snort not only generates the snort.log file but
also produces some other files. What I want is just
one single file containing all NIDS findings which can
be managed by syslogd.
Could someone help me to solve this problem?
By the way, I would also like to know how to compile
snort with a static library. In some previous posts, it
is said to configure LDFLAG=static, but I really need
more detailed info about it.
Thank you in advance.