Exporting logs from Snort to Syslog-ng to Redis
I am using Snort 2.9.3 and want to export its logs to syslog-ng, and then from syslog-ng to a Redis database. I found a plugin: syslog-ng-mod-redis. However, how do I include this?
How can I confirm that the logs produced by Snort can be read by syslog-ng?
I am using Ubuntu 16.04.
If you install the plugin, it is loaded automatically. You can check with the following command:
syslog-ng -V
On Ubuntu, syslog-ng is confined by AppArmor. Check the security logs, and if you see access denied, add a rule to AppArmor so that it is able to read the Snort logs.
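The two checks described in the answer above, as an added example that is not part of the original post. It assumes the plugin appears as `redis` in the `Available-Modules` line of `syslog-ng -V`, that the AppArmor profile name contains `syslog-ng`, and that denials are logged in the usual kernel audit format; all sample input is constructed.

```shell
#!/bin/sh
# Added example; sample inputs are constructed, not taken from a real host.

# Succeeds if `syslog-ng -V` output on stdin lists "redis" under
# Available-Modules (the module name "redis" is an assumption).
has_redis_module() {
    awk -F': *' '/^Available-Modules:/ {
        n = split($2, m, ",")
        for (i = 1; i <= n; i++) if (m[i] == "redis") found = 1
    } END { exit (found ? 0 : 1) }'
}

# Reads kernel/audit log lines on stdin and prints one candidate AppArmor
# rule ("<path> <mask>,") per distinct file denied to a syslog-ng profile.
# Paths containing spaces are not handled.
denied_rules() {
    awk '/apparmor="DENIED"/ && /profile="[^"]*syslog-ng"/ {
        path = ""; mask = ""
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^name="/)        { path = $i; gsub(/^name="|"$/, "", path) }
            if ($i ~ /^denied_mask="/) { mask = $i; gsub(/^denied_mask="|"$/, "", mask) }
        }
        if (path != "" && mask != "") print path " " mask ","
    }' | sort -u
}

sample_version_output() {
cat <<'EOF'
syslog-ng 3.5.6
Available-Modules: afsocket,affile,redis,json-plugin,basicfuncs
EOF
}

sample_kernel_log() {
cat <<'EOF'
Jan 10 10:00:01 ids kernel: audit: type=1400 apparmor="DENIED" operation="open" profile="/usr/sbin/syslog-ng" name="/var/log/snort/alert" pid=2101 comm="syslog-ng" requested_mask="r" denied_mask="r"
Jan 10 10:00:05 ids kernel: audit: type=1400 apparmor="DENIED" operation="open" profile="/usr/sbin/syslog-ng" name="/var/log/snort/alert" pid=2101 comm="syslog-ng" requested_mask="r" denied_mask="r"
Jan 10 10:00:09 ids kernel: audit: type=1400 apparmor="DENIED" operation="open" profile="/usr/sbin/tcpdump" name="/tmp/x.pcap" pid=2150 comm="tcpdump" requested_mask="r" denied_mask="r"
Jan 10 10:00:12 ids kernel: audit: type=1400 apparmor="STATUS" operation="profile_replace" profile="unconfined" name="/usr/sbin/syslog-ng" pid=2200 comm="apparmor_parser"
EOF
}

sample_version_output | has_redis_module && echo "redis module listed"
sample_kernel_log | denied_rules
```

On a real host, pipe `syslog-ng -V` into `has_redis_module` and the kernel log into `denied_rules`, then review each printed rule before adding it to the syslog-ng AppArmor profile.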