Hello Mike,
yes, that worked great. had to cpan a few modules but that was it. very helpful software, thanks. wb > On Jul 04, 2013, eMyListsDDg wrote: >> i have ipcop fw that syslogs its logs to an internal linux box at >> /var/logs/rsyslog/ipcop/messages >> wanted to try psad as a fw analyzer. >> in the /etc/psad/psad.conf file there is a var that holds the value of the >> messages file location: >> ### >> ENABLE_SYSLOG_FILE Y; >> IPT_WRITE_FWDATA Y; >> #IPT_SYSLOG_FILE /var/log/messages; >> IPT_SYSLOG_FILE /var/log/rsyslog/ipcop/messages; >> ### >> will psad work if i change the default location of the messages file to >> where ipcop's message file is located? > Yes, that should work. You will need to restart psad after making that > configuration change. > Thanks, > --Mike > ------------------------------------------------------------------------------ > This SF.net email is sponsored by Windows: > Build for Windows Store. > http://p.sf.net/sfu/windows-dev2dev > _______________________________________________ > psad-discuss mailing list > psad-discuss@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/psad-discuss -- Bill Key fingerprint = DB4D 251B FE8A BDCD 2BE4 E889 13F1 78D0 A386 B32B ------------------------------------------------------------------------------ This SF.net email is sponsored by Windows: Build for Windows Store. http://p.sf.net/sfu/windows-dev2dev _______________________________________________ psad-discuss mailing list psad-discuss@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/psad-discuss
