[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Firestorm-nids Patch SYSLOG in current version (pre 053)

To: firestorm@xxxxxxxxxxxxxxxx
Subject: Firestorm-nids Patch SYSLOG in current version (pre 053)
From: rmkml <rmkml@xxxxxxxxxx>
Date: Wed, 19 Mar 2003 14:05:25 +0100
Delivered-to: mailing list firestorm@scaramanga.co.uk
Mailing-list: contact firestorm-help@scaramanga.co.uk; run by ezmlm
Sender: test@xxxxxxxxxx

Hi,

I add syslog on firestorm-nids,

I work on my Freebsd v4.7
(not linux tested ! and sure Im not good)

normal use :
firestorm-nids --write-> firestorm.log
firecat -f log  --read-> firestorm.log   | logger -t firestorm
but not real time event ! (and of course restart firecat !)

new use :
firestorm-nids send directly events in syslog ! (on format "log" short)

(yes new firestorm-nids create firestom.log, but not write after start)

and firecat don't use ...

Add in your firestorm.conf:
output .... buf=0
(not events/packets buffered)

In my patch:
add syslog event after mesg/cleanup in many files ,
change src/alert.c for send syslog directly

Regards

PS: Sorry for my bad English

Attachment: firestorm-patch-syslog.diff.gz
Description: GNU Zip compressed data

Prev by Date: More GUI shenanigans.
Next by Date: firestorm-nids: DNS zone transfer TCP
Previous by thread: More GUI shenanigans.
Next by thread: firestorm-nids: DNS zone transfer TCP
Index(es):
- Date
- Thread