On 23/02/05 01:08 -0800, Ninad Purohit wrote:
I have a snort (snort2.3) and I need it to forward the alerts to a syslog server with priority local6.
Adding alert_syslog: log_local6 log_alert to snort.conf
doesn't work; I even tried the -s option.
While I get local syslogs in /var/log messages, I cannot get snort to log to some other file or to a different syslog server.
If snort is logging to syslog, then you need to configure your syslogd to forward the traffic to the other host. Once Snort dumps the traffic to /dev/log, it is not the responsibility of Snort to send it elsewhere.
man 5 syslog.conf
man 8 syslogd
Devdas Bhagat
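
The split described in the reply, as an added example that is not part of the original thread: Snort only tags its alerts with the local6 facility, and syslogd decides where they go. The host name loghost.example.com and the file /var/log/snort_alerts are placeholders, and the selector/action syntax assumes the classic sysklogd syslog.conf format.

```conf
# --- snort.conf (sensor) ---
# Hand alerts to the local syslog socket with facility local6, priority alert.
output alert_syslog: LOG_LOCAL6 LOG_ALERT

# --- /etc/syslog.conf (sensor) ---
# Forward everything logged under local6 to the central syslog server (UDP 514).
local6.*        @loghost.example.com
# Optionally keep a local copy in its own file as well.
local6.*        /var/log/snort_alerts

# --- /etc/syslog.conf (central server, placeholder host above) ---
# Write local6 messages received from sensors to a dedicated file.
local6.*        /var/log/snort_alerts
```

syslogd has to re-read its configuration (SIGHUP) after the change, and a sysklogd receiver only accepts messages from the network when started with -r.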