Firewall Analyzer supports most versions of Snort.
snort.conffile (available at
/etc/snort/snort.confin linux and
c:\Snort\bin\snort.confin windows) uncomment the line that contains
output information_syslogand enter the logging facility and the desired detail level (for example:
output alert_syslog:host=hostname:port, LOG_AUTH LOG_ALERT)
config show_yearto ensure that year has been included in the alerts generated by Snort.
*.* @<server_name>at the end, where
<server_name>is the name of the machine on which Firewall Analyzer is running.