From My Notepad
Jump to: navigation, search


SNARE Network Configuration

Destination Snare Server address: [set to syslog server]
Destination Port: 514
Perform a scan of ALL objectives, and display the maximum criticality: uncheck
Allow SNARE to automatically set audit configuration: check
Allow SNARE to automatically set file audit configuration: check
Export Snare Log data to a file: uncheck
Enable active USB auditing: uncheck

Enable SYSLOG Header: check
SYSLOG Facility: User
SYSLOG Priority: Notice