Snort mailing list archives
Re: barnyard 2.0.0 & snort-2.8.1
From: Joel Esler <joel.esler () sourcefire com>
Date: Sat, 26 Apr 2008 20:42:03 -0400
The sfunified perl script at www.snort.org/users/brvenik. Iirc -- Joel Esler Sent from my iPhone On Apr 26, 2008, at 6:31 PM, Russell Fulton <r.fulton () auckland ac nz> wrote:
Replying to myself ;) Seconds after posting I had an inspiration and found that the output line was missing in the config for this sensor so snort must have been using the new output format. What reads the new format? Clearly barnyard does not... Russell On 27/04/2008, at 10:20 AM, Russell Fulton wrote:On just one of my sensors I am having problems with barnyard refusing to read snort log files: Apr 27 10:14:55 monitor-dmzi barnyard[12240]: Opened spool file '/ home/ snort/data/eth2//snort.log.1209245479' Apr 27 10:14:55 monitor-dmzi barnyard[12240]: FATAL ERROR: ERROR: No input plugin found for magic: a1b2c3d4 So far as I can tell the set up is the same as of at least two other sensors which work fine. Any idea what is gong on? Russell --- --- ------------------------------------------------------------------- This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Don't miss this year's exciting event. There's still time to save $100. Use priority code J8TL2D2. http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users--- ---------------------------------------------------------------------- This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Don't miss this year's exciting event. There's still time to save $100. Use priority code J8TL2D2. http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
------------------------------------------------------------------------- This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Don't miss this year's exciting event. There's still time to save $100. Use priority code J8TL2D2. http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- barnyard 2.0.0 & snort-2.8.1 Russell Fulton (Apr 26)
- Re: barnyard 2.0.0 & snort-2.8.1 Russell Fulton (Apr 26)
- Re: barnyard 2.0.0 & snort-2.8.1 Joel Esler (Apr 26)
- Re: barnyard 2.0.0 & snort-2.8.1 Bamm Visscher (Apr 26)
- Re: barnyard 2.0.0 & snort-2.8.1 Russell Fulton (Apr 26)