|
Configuring the Pack X IDScenter (SNORT front end) |
Top Previous Next |
|
IDScenter is a configuration and management tool for Snort IDS on Windows platforms.
It can be downloaded from:
http://www.packx.net/packx/html/en/index-en.htm
Alerts can be sent to Kiwi Syslog Server by using an output plugin.
Configuration:
From the IDScenter main window, choose the IDS Rules tab on the left hand side. Press the Output plugins icon on the left hand side You will now see a list of all the configured output plugins.
To add a new plugin, press the -> Add button and choose "Syslog Alert Plugin" from the popup menu.
A configuration display for this plugin will appear in the lower part of the window.
Select the facility and priority (level) that you want to have the alert messages sent on.
Facility: LOG_LOCAL7 Priority: LOG_ALERT
Then check all the error conditions that you want to be notified about.
LOG_CONS, LOG_PERROR, LOG_NDELAY, LOG_PID
Then press the Add button on the lower right hand side. Your syslog alert output plugin should now appear in the top list.
|