Re: [Snort-users] syslog output

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Yes, Barnyard can output via the alert_syslog module.

Joel

hchlai@netscape.net wrote:
> Awesome. It works perfectly! However, wouldn't it hamper the performance
> of Snort? I run barnyard on the same box too, would it be possible to
> configure barnyard to send syslog to a remote syslog server?
>
> Thanks!
>
> HinSuk
>
>
> -----Original Message-----
> From: rmkml <rmkml@free.fr>
> To: hchlai@netscape.net
> Sent: Mon, 22 May 2006 18:08:23 +0200 (CEST)
> Subject: Re: [Snort-users] syslog output
>
> Hi,
> snort syslog localy,
> and run syslogd/syslog-ng to remote syslog srv ...
> Regards
> Rmkml
>
> On Mon, 22 May 2006, hchlai@netscape.net wrote:
>
>> Date: Mon, 22 May 2006 12:00:20 -0400
>> From: hchlai@netscape.net
>> To: snort-users@lists.sourceforge.net
>> Subject: [Snort-users] syslog output
> > > Can I configure Snort (running on Linux) to do syslog output to a
> syslog > server? It seems "output alert_syslog: host=192.168.1.1,
> LOG_AUTH LOG_ALERT" > doesn't work.
> > I can see Snort is running, but the traffic is not going to the
> appropriate > syslog server. It just don't do anything.
>> Anybody has similar situation?
>>
>> HinSuk
>>
>> __________________________________________________ _
>> Try the New Netscape Mail Today!
>> Virtually Spam-Free | More Storage | Import Your Contact List
>> http://mail.netscape.com
>>
>>
>>
>> -------------------------------------------------------
> > Using Tomcat but need to do more? Need to support web services,
> security?
> > Get stuff done quickly with pre-integrated technology to make your
> job easier
> > Download IBM WebSphere Application Server v.1.0.1 based on Apache
> Geronimo
> > http://sel.as-us.falkag.net/sel?cmd=...057&dat=121642
>> _______________________________________________
>> Snort-users mailing list
>> Snort-users@lists.sourceforge.net
>> Go to this URL to change user options or unsubscribe:
>> https://lists.sourceforge.net/lists/...fo/snort-users
>> Snort-users list archive:
>> http://www.geocrawler.com/redir-sf.p...st=snort-users
>>
>
>
> __________________________________________________ _
> Try the New Netscape Mail Today!
> Virtually Spam-Free | More Storage | Import Your Contact List
> http://mail.netscape.com
>
>
>
> -------------------------------------------------------
> Using Tomcat but need to do more? Need to support web services, security?
> Get stuff done quickly with pre-integrated technology to make your job
> easier
> Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
> http://sel.as-us.falkag.net/sel?cmd=...057&dat=121642
> _______________________________________________
> Snort-users mailing list
> Snort-users@lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/...fo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.p...st=snort-users
>

- --
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFEciK1KbCSyXHckt4RAlw+AJ9sjpbVg9GptUaO7xUEz3 Kftjr86wCgkA/K
2g53NkjDvUaBdsvGuBomusA=
=Pb1l
-----END PGP SIGNATURE-----


-------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=...057&dat=121642
_______________________________________________
Snort-users mailing list
Snort-users@lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/...fo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.p...st=snort-users