Snort mailing list archives

Re: barnyard regular restart required


From: Ian Masters <ian () acces co jp>
Date: Thu, 12 Mar 2009 10:53:59 +0900

Bamm

Sorry for the delay replying.

1) grep -v '^#' barnyard.conf | grep -v ^$

config daemon
config localtime
config hostname: mail-op-snort
config interface: eth0
config filter: not port 22
output alert_acid_db: mysql, sensor_id 1, database snort, server localhost, user snort, password xxxxxxxx
output log_acid_db: mysql, database snort, server localhost, user snort, password xxxxxxxx, detail full

2) Command line used to start barnyard

/usr/local/bin/barnyard -c /etc/snort/barnyard.conf -g /etc/snort/gen-msg.map -s /etc/snort/sid-msg.map -d /var/log/snort -f snort.log -w /var/log/snort/barnyard.waldo -D

3) grep '^output' snort.conf

output alert_unified: filename snort.alert, limit 128
output log_unified: filename snort.log, limit 128

4) Command line used to start snort

/usr/local/bin/snort -i eth0 -c /etc/snort/snort.conf -D -g snort -u snort

Ian

