Hi I'm trying to build up an email alerting system with snort 2 and logsurfer 1.5. Basically it's working; I get the emails from the snort box when snort acction occurs in the messages log. Problem is, the mail bodies are empty. That's the logsurfer command: '(.*snort:.*)' - - - 0 report "/usr/lib/sendmail -F ALERT@domain.com psnizek "security alert: $1"" "$1" please, can anybody help? thanks a lot & kind regards, Philipp
Blind shot: '(.*snort:.*)' - - - 0 report "/usr/lib/sendmail -F ALERT@domain.com psnizek \"security alert: $1\"" "$1" Dirk
-----Original Message----- From: mailinglists [mailto:mailinglists@belfin.ch] Sent: Monday, June 02, 2003 9:57 PM To: suse-security@suse.com Subject: [suse-security] snort & logsurfer
Hi
I'm trying to build up an email alerting system with snort 2 and logsurfer 1.5. Basically it's working; I get the emails from the snort box when snort acction occurs in the messages log. Problem is, the mail bodies are empty.
That's the logsurfer command:
'(.*snort:.*)' - - - 0 report "/usr/lib/sendmail -F ALERT@domain.com psnizek "security alert: $1"" "$1"
please, can anybody help?
thanks a lot & kind regards,
Philipp
-- Check the headers for your unsubscription address For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here
participants (2)
-
Dirk Schreiner
-
mailinglists