[Oisf-users] Sending Syslog output to Rsyslog + Loganalyzer

Chris Boley ilgtech75 at gmail.com
Sat Apr 30 16:33:11 UTC 2016


On my home rig I've been just using tail -f to watch the data scroll
through. I'm now getting to where I would like to make my data searchable.
I am seeing where one of my easiest options would possibly be to push to a
syslog server on a separate computer and then monitor my logging. Does
anyone use the 'LogAnalyzer' syslog interface with rsyslog to log
Suricata output?
After reading:
https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Syslog_Alerting_Compatibility

The template shown in there represents sysklogd format and not rsyslog
format, I think. If nobody has a template, I'll have to figure out what the
example shown is doing in sysklogd format and translate that over to an
equivalent rsyslog format.

Thanks in advance.
Chris Boley

