TCPdump & Snort - Intrusion Detection Systems
Output I
Various output modules available for flexible logging and alerting
Logging to syslog
  Allows specification of facility, priority, options ('official' syslog interface, see man 3 syslog for details)
  Example: output alert_syslog: log_auth, log_warning
Logging to remote syslog daemon
  output alert_syslog: 192.168.5.2:514, log_auth, log_warning
Logging to files
  output alert_fast: filename (logs one-liners to a file)
  output alert_full: filename (logs full packet headers)
TCPdump & Snort, Thomas Fischer, February 3, 2010, Page 26
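An added example, not part of the original slides: a Python parser for the one-line records that output alert_fast writes, counting alerts per source address and signature ID so the file can feed triage. The sample lines, addresses and rule IDs are constructed, and the record layout is assumed to be the Snort 2.x alert_fast format with IPv4 endpoints.

```python
import re
from collections import Counter

# One alert_fast record (Snort 2.x layout, IPv4 endpoints assumed):
# MM/DD-HH:MM:SS.usec [**] [gid:sid:rev] msg [**] [Classification: c] [Priority: n] {PROTO} src -> dst
ALERT_FAST = re.compile(
    r"^(?P<ts>\d{2}/\d{2}(?:/\d{2})?-\d{2}:\d{2}:\d{2}\.\d+)\s+\[\*\*\]\s+"
    r"\[(?P<gid>\d+):(?P<sid>\d+):(?P<rev>\d+)\]\s+(?P<msg>.*?)\s+\[\*\*\]\s+"
    r"(?:\[Classification:\s*(?P<cls>[^\]]*)\]\s+)?(?:\[Priority:\s*(?P<prio>\d+)\]\s+)?"
    r"\{(?P<proto>[^}]+)\}\s+(?P<src>\S+)\s+->\s+(?P<dst>\S+)$"
)

def split_endpoint(ep):
    """Split 'ip:port' into (ip, port); ICMP alerts carry no port."""
    host, sep, port = ep.rpartition(":")
    return (host, int(port)) if sep and port.isdigit() else (ep, None)

def parse_alert_fast(line):
    """Return a dict of fields, or None if the line is not an alert_fast record."""
    m = ALERT_FAST.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    for key in ("gid", "sid", "rev"):
        rec[key] = int(rec[key])
    rec["prio"] = int(rec["prio"]) if rec["prio"] else None
    rec["src_ip"], rec["src_port"] = split_endpoint(rec.pop("src"))
    rec["dst_ip"], rec["dst_port"] = split_endpoint(rec.pop("dst"))
    return rec

def summarize(lines):
    """Count alerts per (source IP, sid); keep unparsed lines for review."""
    counts, rejected = Counter(), []
    for line in lines:
        rec = parse_alert_fast(line)
        if rec is None:
            rejected.append(line)
        else:
            counts[(rec["src_ip"], rec["sid"])] += 1
    return counts, rejected

# Constructed sample lines (documentation address ranges), not real traffic.
SAMPLE = [
    "02/03-14:21:07.104233  [**] [1:1000001:1] Constructed rule: SSH connection burst [**] [Classification: Attempted Information Leak] [Priority: 2] {TCP} 192.0.2.10:40122 -> 198.51.100.5:22",
    "02/03-14:21:07.311870  [**] [1:1000001:1] Constructed rule: SSH connection burst [**] [Classification: Attempted Information Leak] [Priority: 2] {TCP} 192.0.2.10:40123 -> 198.51.100.5:22",
    "02/03-14:21:08.557120  [**] [1:1000002:3] Constructed rule: ICMP echo sweep [**] [Priority: 3] {ICMP} 192.0.2.77 -> 198.51.100.5",
    "Feb  3 14:21:09 sensor snort: line in another format",
]
```

Lines that do not match are returned separately rather than dropped, so a format change or a truncated write shows up as a non-empty rejected list.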