Posted by:dragorn
Subject:Where does Kismet save alert log?
Date:14:33:47 05/01/2006

> Hello everybody,
> I have to develop a plugin for an application that read the file or the syslog where kismet ids log the alert specified in the readme in order then to produce an xml file with this content.

Kismet doesn't log alerts. Unreleased kismet-newcore does.

> Can you give me some information about where kismet logs the ids monitor alert and if kismet log these in the syslog ora in a file, please?

Neither. This would be trivial to implement as a client, however, and thats generally the path I suggest people take. The only way to get live data out of kismet is to grab it from the client/server interface, which alerts are reported on. From there you can syslog it, insert it into a database, whatever makes you happy. Even with newcore logging to file, the file is meant as a 'dead' record, not a runtime method to read them, so you'd still want to grab them off the client-server interface.

> Moreover How I can simulate various alert to view what kismet will write in the file/syslog??

Send it packets that causes it to pop up an alert (either live, or off a crafted file with pcapfile). What those packets are depends on the alert.


