Re: [ISSForum] Re: Log Network Sensor/Server sensor events to Syslog Server

Wed, 05 Nov 2003 10:56:08 -0800

The syslog server will get only those attacks you had selected in the policy response to do it. I mean you have to select every attack you want to be logged by the syslog machine.


Jones, Jeff wrote:
And the syslog server gets all the attacks as well?

Jeff

-----Original Message-----
From: Lorenzo Mart�nez Rodr�guez [mailto:[EMAIL PROTECTED]
Sent: Wednesday, November 05, 2003 4:02 AM
To: [EMAIL PROTECTED]
Subject: [ISSForum] Re: Log Network Sensor/Server sensor events to Syslog Server


Hi Johnny,
I had to implement a solution to do that. What I did was call a User
Specified response (passing it some parameters as: IP origin, IP target,
Name Event, etc) which calls an executable script which sends that
information to the UDP 514 port of the syslog collecting machine. That's
all!


--
Lorenzo Mart�nez Rodr�guez
Consultor de seguridad inform�tica

ISC Consultores
Santa Hortensia 2
28002 Madrid

Tel       +34 91 510 43 00
Fax      +34 91 519 81 08

e-mail [EMAIL PROTECTED]


_______________________________________________
ISSForum mailing list
[EMAIL PROTECTED]

TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to https://atla-mm1.iss.net/mailman/listinfo

-------------------------------------------------------------------------------------
This e-mail is the exclusive, private and confidential property of the sender. The
information contained in it is intended solely for the use of the sender and the
intended recipient. If you are not the intended recipient you are hereby advised that
any unauthorized disclosure, copying, distribution or the taking of any action in
reliance on the contents of this message is strictly prohibited. If you have received
this e-mail in error, please notify us immediately by telephone (call the USF
Corporation Technical Support Center at 1-800-753-4563) and then destroy this
document and any copies in any form immediately.  Finally, the recipient should
check this email and any attachments for the presence of viruses. USF Corporation
accepts no liability for any damage caused by any virus transmitted by this email.
-------------------------------------------------------------------------------------




--



Lorenzo Mart�nez Rodr�guez
Consultor de seguridad inform�tica

ISC Consultores
Santa Hortensia 2
28002 Madrid

Tel       +34 91 510 43 00
Fax      +34 91 519 81 08

e-mail [EMAIL PROTECTED]


_______________________________________________
ISSForum mailing list
[EMAIL PROTECTED]

TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to https://atla-mm1.iss.net/mailman/listinfo

Reply via email to