Message: 9
Date: Thu, 24 Feb 2005 18:40:45 +0530
From: Devdas Bhagat <devdas(a)dvb.homelinux.org>
Subject: Re: [ILUG-BOM] Re snort trouble
To: "GNU/Linux Users Group, Mumbai, India"
<linuxers(a)mm.ilug-bom.org.in>
Message-ID: <20050224184045.A1936(a)evita.devdas.geek>
Content-Type: text/plain; charset=us-ascii
On 24/02/05 00:56 -0800, Ninad Purohit wrote:
<snip>
i want snort to log alerts with priority local6 and facility alert

Please prove that snort is not logging to local6.alert

then my syslog would redirect all syslogs with priority local6 (based on a rule i write in syslog.conf) to a listener (netforensics agent)

Please show the relevant line from syslog.conf

the line from syslog is
local6 @202.X.X.X
i even tried logging it to a separate file with
local6 /var/log/snort.log
the line from snort.conf is
output alert_syslog: LOG_LOCAL6 LOG_ALERT
but if i try file logging tail -f shows no logs coming in and i see no udp packets going to the destination host on port 514 in ethereal if i try forwarding it to a different host
=====
ninad purohit
ninadonline(at)yahoo(dot)co(dot)in
have a nice day :-)
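
The selector form at issue in this thread, as an added example that is not part of the original messages: a small Python check, assuming classic syslog.conf syntax in which every selector is written facility.priority, that reports whether a rule would pick up messages sent as local6.alert (the facility and priority named in the snort.conf line). The function names and the last three sample rules are constructed for illustration.

```python
# Added example: lint syslog.conf rules against snort's local6.alert messages.
PRIORITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]
ALIASES = {"panic": "emerg", "error": "err", "warn": "warning"}  # deprecated names

def parse_rule(line):
    """Return (selectors, action); raise ValueError on a malformed rule."""
    fields = line.split(None, 1)
    if len(fields) != 2:
        raise ValueError("rule needs a selector and an action")
    selectors = []
    for sel in fields[0].split(";"):
        facs, dot, prio = sel.partition(".")
        prio = ALIASES.get(prio, prio)
        if not dot or not facs:
            raise ValueError(f"selector {sel!r} is not facility.priority")
        if prio not in PRIORITIES and prio not in ("*", "none"):
            raise ValueError(f"unknown priority {prio!r} in {sel!r}")
        selectors.append((facs.split(","), prio))
    return selectors, fields[1].strip()

def matches(selectors, facility, priority):
    """Apply selectors left to right; a later 'none' cancels an earlier hit."""
    hit = False
    for facs, prio in selectors:
        if "*" not in facs and facility not in facs:
            continue
        if prio == "none":
            hit = False
        elif prio == "*" or PRIORITIES.index(priority) <= PRIORITIES.index(prio):
            hit = True  # a plain priority selects that level and anything more severe
    return hit

def check(lines, facility="local6", priority="alert"):
    out = []
    for line in lines:
        try:
            sels, action = parse_rule(line)
            ok = matches(sels, facility, priority)
            out.append((line, f"routes to {action}" if ok else "no match"))
        except ValueError as exc:
            out.append((line, f"invalid: {exc}"))
    return out

# Constructed input: the two rules quoted in the message, then variants with a priority.
SAMPLE = ["local6 @202.X.X.X", "local6 /var/log/snort.log",
          "local6.* /var/log/snort.log", "local6.alert @202.X.X.X",
          "local6.emerg /var/log/snort.log"]

if __name__ == "__main__":
    for line, verdict in check(SAMPLE):
        print(f"{line:34} -> {verdict}")
```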