From the course: Protecting Your Network with Open Source Software


Log forwarding: Part 1


- [Instructor] In this lesson, we'll configure Snort to forward its log messages to a syslog-ng server. Let's modify the Snort configuration file. Type CD, space, etc, snort. Press Enter. Type LS. Press Enter. You can see the snort.conf file here. Let's edit the file as a root user. Type sudo, space, nano, space, snort.conf. Press Enter. Let's do a search and look for syslog. Press Ctrl and W together to do the search. Enter syslog as a search term. Press Enter. We've found the line we need. Uncomment this line. By uncommenting, what I mean is removing the pound sign. The line says output alert_syslog, log auth, log alert. Press Ctrl and X together to save the file. Type Y, press Enter. Now, Snort is ready to send its log messages to a syslog-ng server. However, there's one more step you should take. When you run Snort, you need to use a special option which is dash lowercase S to…
