[syslog-ng]syslog-ng + Snort

Elton Ramos Carvalho elton_carvalho@datasul.com.br
Tue, 14 May 2002 09:55:51 -0300 

This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.

------=_NextPartTM-000-8d7ae419-69d9-4d4f-b106-53c2c15171fd
Content-Type: multipart/alternative;
	boundary="----_=_NextPart_001_01C1FB46.AD5FBE20"

------_=_NextPart_001_01C1FB46.AD5FBE20
Content-Type: text/plain

Hi,
 
  The syslog-ng don't log any alert of snort.
   I'm using syslog-ng-1.5.17 and the configuration file
syslog-ng.conf.sample tha come with it.
   The syslog is loging all snort alerts without problem.
   I'm using snort with -s option and LOG_ATHPRIV and LOG_ALERT in
configuration file
 
Tks
 

------_=_NextPart_001_01C1FB46.AD5FBE20
Content-Type: text/html

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=US-ASCII">
<TITLE>Message</TITLE>

<META content="MSHTML 6.00.2600.0" name=GENERATOR></HEAD>
<BODY>
<DIV><FONT face=Arial size=2><SPAN 
class=312514912-14052002>Hi,</SPAN></FONT></DIV>
<DIV><FONT face=Arial size=2><SPAN 
class=312514912-14052002></SPAN></FONT>&nbsp;</DIV>
<DIV><FONT face=Arial size=2><SPAN class=312514912-14052002>&nbsp; The syslog-ng 
don't log any&nbsp;alert of snort.</SPAN></FONT></DIV>
<DIV><FONT face=Arial size=2><SPAN class=312514912-14052002>&nbsp;&nbsp; I'm 
using&nbsp;syslog-ng-1.5.17</SPAN></FONT><FONT face=Arial size=2><SPAN 
class=312514912-14052002>&nbsp;and the configuration file syslog-ng.conf.sample 
tha come with it.</SPAN></FONT></DIV>
<DIV><FONT face=Arial size=2><SPAN class=312514912-14052002>&nbsp;&nbsp; The 
syslog is loging all snort alerts without&nbsp;problem.</SPAN></FONT></DIV>
<DIV><FONT face=Arial size=2><SPAN class=312514912-14052002>&nbsp;&nbsp; I'm 
using snort with -s option and LOG_ATHPRIV and LOG_ALERT in configuration 
file</SPAN></FONT></DIV>
<DIV><FONT face=Arial size=2><SPAN 
class=312514912-14052002></SPAN></FONT>&nbsp;</DIV>
<DIV><FONT face=Arial size=2><SPAN 
class=312514912-14052002>Tks</SPAN></FONT></DIV>
<DIV><FONT face=Arial size=2><SPAN 
class=312514912-14052002></SPAN></FONT>&nbsp;</DIV></BODY></HTML>

------_=_NextPart_001_01C1FB46.AD5FBE20--

------=_NextPartTM-000-8d7ae419-69d9-4d4f-b106-53c2c15171fd--