In order to log something to syslog in Ubuntu we need to edit the file.
#gedit /etc/rsyslog.d/50-default.conf
#Snort - Alerts
local0.* /var/log/snort/snort_alerts_syslog.log
Then we need to restart the syslog so that it will reread the config file.
#service rsyslog restart
Now once this is done we can go inside the /var/log/snort/ folder and list it to see if the new file is created or not.
#gedit /etc/rsyslog.d/50-default.conf
#Snort - Alerts
local0.* /var/log/snort/snort_alerts_syslog.log
Then we need to restart the syslog so that it will reread the config file.
#service rsyslog restart
Now once this is done we can go inside the /var/log/snort/ folder and list it to see if the new file is created or not.
No comments:
Post a Comment