Intrusion Detection Systems with Snort: Advanced IDS Techniques Using Snort, Apache, MySQL, PHP, and ACID by Rafeeq Ur Rehman

4.2. Output Modules

Output modules control the output from the Snort detection engine. By default, the output from alerts and logs goes into files in the /var/log/snort directory. Using output modules, you can process that output and send messages to a number of other destinations. Commonly used output modules are:

  • The database module is used to store Snort output data in databases.

  • The SNMP module can be used to send Snort alerts in the form of traps to a management server.

  • The SMB alerts module can send alerts to Microsoft Windows machines in the form of pop-up SMB alert windows.

  • The syslog module logs messages to the syslog utility. Using this module you can log messages to a centralized logging server.

  • You can also use XML or CSV modules ...
