Menu

#39 DYNAMIC Syslog Priority reverts to Emergency

v1.0_(example)
open
nobody
DYNAMIC Syslog Priority reverts to Emergency (1)
1
2013-12-13
2012-10-30
T_P
No

Hi Guys,

I downloaded the lastest "SnareForWindows-4.0.1.2-MultiArch" installer and after installing it I noticed that the problem reported in https://sourceforge.net/p/snare/bugs/37/ still exists. Syslog priority set to DYNAMIC switches back to "Emergency". From that article it seems like a new version was made available in May\June, with a bugfix. however I am not able to find anything newer from the InterSect Alliance site.

FWIW when I right-click on the installed snarecore.exe that is installed using the "SnareForWindows-4.0.1.2-MultiArch" installer and check the version # it still shows as 4.0.1.1. I have tested this on windows XP, win2K3STD 64-bit and win2K8STD r2.

Any help or suggestions are greatly appreciated.
thx
tony

Discussion

  • CornMaster

    CornMaster - 2013-04-08

    I found the same issue. If you open regedit and go to HKEY_LOCAL_MACHINE -> SOFTWARE -> InterSect Alliance -> AuditService -> Network and change SyslogDest to 160 (decimal) then you get dynamic.

     

  • Nikhil

    Nikhil - 2013-04-22

    I also am still having the issue. Changed SyslogDest to 160, but it still reverts the setting from DYNAMIC to EMERGENCY. W2k8Ent R2

     

  • JasonO

    JasonO - 2013-12-13

    By changing the HKLM\SOFTWARE\InterSect Alliance\AuditService\Network\SyslogDynamicCritic Key from 0 to 1(Hex) I was able to enable Dynamic Priorities. Tested on both Server 2008R2 and Server 2012R2

     

Log in to post a comment.

MongoDB Logo MongoDB