[Oisf-users] Output FAST formatted logs to syslog?

Duane Howard duane.security at gmail.com
Wed May 13 22:24:02 UTC 2015


Trying to figure out if the best way to syslog Snort/fast style alerts from
Suricata is to output to a file, and configure syslog to pick that up,
since suricata.yaml doesn't seem to allow 'syslog' as a target, like Eve
does.

fast:
filetype: 'regular', 'unix_stream' or 'unix_dgram'

Eve:
type: file #file|*syslog*|unix_dgram|unix_stream
-- additional syslog options here.

Any other hacks or workarounds that I should be aware of? Why isn't syslog
a supported output mechanism for fast type alerts?

./d
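One way to do the "write fast.log to a file and let something forward it" workaround described above, as an added example that is not part of the original post or of Suricata itself: a small tailer that parses each fast-format alert line and emits it as an RFC 3164-style syslog datagram. The fast.log line layout, the sample lines, the local4 facility and the priority-to-severity mapping are all assumptions made for this example; the parser also tolerates alerts that carry no Classification block.

```python
"""Tail a Suricata fast.log and forward each alert as a syslog message.

Added example for the workaround discussed on the list; not Suricata code.
"""
import re
import socket
import time
from datetime import datetime

# Snort/Suricata "fast" alert layout as assumed for this example:
# <ts>  [**] [gid:sid:rev] <msg> [**] [Classification: ..] [Priority: n] {proto} src -> dst
FAST_RE = re.compile(
    r"^(?P<ts>\d{2}/\d{2}/\d{4}-\d{2}:\d{2}:\d{2}\.\d+)\s+\[\*\*\]\s+"
    r"\[(?P<gid>\d+):(?P<sid>\d+):(?P<rev>\d+)\]\s+(?P<msg>.*?)\s+\[\*\*\]\s+"
    r"(?:\[Classification:\s+(?P<classification>[^\]]*)\]\s+)?"
    r"\[Priority:\s+(?P<priority>\d+)\]\s+"
    r"\{(?P<proto>[^}]+)\}\s+(?P<src>\S+)\s+->\s+(?P<dst>\S+)$"
)

# Assumed mapping from rule priority (1 = most severe) to syslog severity
# codes (crit, warning, notice, info). Unknown priorities fall back to notice.
SEVERITY = {1: 2, 2: 4, 3: 5, 4: 6}
LOG_LOCAL4 = 20  # assumed facility; use whatever your collector filters on

# Constructed sample input (the SIDs and addresses are made up for the example).
SAMPLE_LINES = [
    "05/13/2015-22:24:02.123456  [**] [1:2100498:7] GPL ATTACK_RESPONSE id check "
    "returned root [**] [Classification: Potentially Bad Traffic] [Priority: 2] "
    "{TCP} 192.168.1.10:80 -> 10.0.0.5:54321",
    "05/13/2015-22:24:03.000001  [**] [1:2210020:1] SURICATA STREAM ESTABLISHED "
    "packet out of window [**] [Classification: Generic Protocol Command Decode] "
    "[Priority: 3] {TCP} 10.0.0.5:54321 -> 192.168.1.10:80",
    "not an alert line",
]


def parse_fast_line(line):
    """Return the alert fields as a dict, or None if the line is not a fast alert."""
    m = FAST_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["timestamp"] = datetime.strptime(rec.pop("ts"), "%m/%d/%Y-%H:%M:%S.%f")
    rec["priority"] = int(rec["priority"])
    return rec


def to_syslog(rec, hostname="sensor", facility=LOG_LOCAL4):
    """Render a parsed alert as an RFC 3164-style message: <PRI>timestamp host tag: body."""
    severity = SEVERITY.get(rec["priority"], 5)
    pri = facility * 8 + severity
    ts = rec["timestamp"]
    stamp = f"{ts:%b} {ts.day:2d} {ts:%H:%M:%S}"  # RFC 3164 wants a space-padded day
    cls = f" [Classification: {rec['classification']}]" if rec["classification"] else ""
    body = (f"[{rec['gid']}:{rec['sid']}:{rec['rev']}] {rec['msg']}{cls} "
            f"[Priority: {rec['priority']}] {{{rec['proto']}}} {rec['src']} -> {rec['dst']}")
    return f"<{pri}>{stamp} {hostname} suricata: {body}"


def convert_lines(lines, hostname="sensor"):
    """Convert every parsable line; return (syslog messages, number of lines skipped)."""
    out, skipped = [], 0
    for line in lines:
        rec = parse_fast_line(line)
        if rec is None:
            skipped += 1
            continue
        out.append(to_syslog(rec, hostname))
    return out, skipped


def follow(path, poll=0.5):
    """Yield new lines appended to path (does not handle log rotation)."""
    with open(path) as fh:
        fh.seek(0, 2)
        while True:
            line = fh.readline()
            if line:
                yield line
            else:
                time.sleep(poll)


def main(path="/var/log/suricata/fast.log", collector=("127.0.0.1", 514)):
    # Hypothetical defaults: the fast.log path and a UDP syslog collector on localhost.
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    for line in follow(path):
        rec = parse_fast_line(line)
        if rec is not None:
            sock.sendto(to_syslog(rec, socket.gethostname()).encode(), collector)


if __name__ == "__main__":
    main()
```

Lines that do not match the fast layout are counted and dropped rather than forwarded, so a truncated or multi-line write does not turn into a malformed syslog record; the tailer itself is deliberately simple and will stop seeing data once the file is rotated, which is the main reason a syslog daemon's own file-input module is usually the better choice for production.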