Snort.org home  
Got Source? About Snort About Sourcefire Snort FAQ
Sourcefire Network Security - the creators of Snort
Snort News Downloads Snort Docs Rules Snort Community Snort Forums Snort Training
Search Site
Search Rules
Account
email
password
not registered?
user preferences

Snort Forums Archive

Archive Home » Windows » Anyone using syslog on win32? - I cannot make it work.

Please note that the categories listed below represent an archived version of our forums pages. To view the current version and be able to post and reply to threads, please register and login here to go to the full forums pages.

[ Notice: Full Version of This Topic ]

Anyone using syslog on win32? - I cannot make it work.


Posted by capivara on December 14, 2005 10:14:24

Anyone successfully make the alert_syslog work in snort on a win32 platform?

I have tried and failed every time. When I configure - it always sends the alert to the local application event log, not the remote syslog server.


Posted by wd1 on December 15, 2005 17:17:22

If you get it working would you post how you did it.

I cannot even get it to log to the local Kiwi.. It just wants to go to Event Viewer

Dave

Posted by Nzingha on March 11, 2007 15:24:42


I had the same problem. my way around it was to download and install Ntsyslog on my snort host. And then configure ntsyslog to send the application eventlog to a kiwi syslog and created a filter to only display snort alerts.

http://sourceforge.net/projects/ntsyslog/
site feedback | Terms of Use | Privacy Policy | forum archives ©2007 Snort and Sourcefire are registered trademarks of Sourcefire, Inc. All rights reserved.