'RE: [Snort-sigs] swatch / sig issue'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       snort-sigs
Subject:    RE: [Snort-sigs] swatch / sig issue
From:       "Nick Duda" <nduda () VistaPrint ! com>
Date:       2003-11-18 16:05:08
[Download RAW message or body]

Thanks for the recommendation. I did find out how to use swatch to do
all what I wanted perfectly ( a bit of RTFM). Syslog+Swatch=good results
:)

- Nick

-----Original Message-----
From: Edin Dizdarevic [mailto:edin.dizdarevic@interActive-Systems.de] 
Sent: Tuesday, November 18, 2003 11:03 AM
To: Nick Duda
Cc: snort-sigs@lists.sourceforge.net
Subject: Re: [Snort-sigs] swatch / sig issue


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Nick,

Have you tried logsurfer? I think I've read somewhere that logsurfer was
developed out of swatch due to its limited capabilities. However, I'm
not sure about this.

Anyway, logsurfer is _very_ powerful. I use it for observation of all my
logfiles. There are also many examples including some for Snort.

Take a look on older snort-user threads, since we have this discussed
there...

Regards,
Edin


Nick Duda schrieb:

| Perhaps this is the wrong forum for this, but I cant find any 
| resources to help on this.
|
| I have swatch running, however is their anyway to make it echo more 
| then the first line to an email, screen , anything. I have it working 
| but it only sends the line it finds on the "watch for" statement.
|
| Thanks,
| Nick
|

- --
Edin Dizdarevic
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQE/ukKtMGG0isywXOwRAtYWAJwN4Xd7gZ6o2FJioDx2UEy7QifUkgCg0vbK
ieWOaqKXPj9qsIwbAYSm/aI=
=TuO8
-----END PGP SIGNATURE-----



-------------------------------------------------------
This SF. Net email is sponsored by: GoToMyPC
GoToMyPC is the fast, easy and secure way to access your computer from
any Web browser or wireless device. Click here to Try it Free!
https://www.gotomypc.com/tr/OSDN/AW/Q4_2003/t/g22lp?Target_______________________________________________
Snort-sigs mailing list
Snort-sigs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-sigs

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic