Snort mailing list archives
Re: Barnyard2 startup error: Snort not compiled to use mysql but --with-mysql option invalid
From: beenph <beenph () gmail com>
Date: Wed, 24 Apr 2013 16:00:04 -0400
On Wed, Apr 24, 2013 at 3:43 PM, Kurt Jensen <kjensencissp () gmail com> wrote:
hello: We have a working install of Snort 2.9.4.5 on SuSE 12.2 that logs fine but we need to use Barnyard2 and send this data to mysql. We did not know of any manual steps or added options being required to compile Snort for mysql use with barnyard. When we start barnyard2 for use with Snort, mysql and Snorby we get the "snort not compiled for use with mysql" errors and barnyard2 fatals out. We found some options online for snort compiling that also did not work or: ./configure --with-mysql when trying that option or several versions of it the compile runs to the end but then fails at this step and flags it as an invalid option. Can anyone tell us what the correct command and options are please to compile Snort and Barnyard to use mysql? Thanks!
To configure barnyard2 with mysql you will need to download barnyard2 source.
From : www.github.com/firnsy/barnyard2
Direct tarball link : http://www.github.com/firnsy/barnyard2/archive/master.tar.gz Then you will need to make sure you have installed mysql client libraries and headers (this is generaly mysql-dev package on most distro).
From there you will need to make sure your mysql libraries are in your
libaries dynamic path. ex: ldconfig -v | grep mysql If you have no row you will need to find the path of your mysql libraries and add it to /etc/ld.so.conf then retype ldconfig to make it load the new libraries and then re-execute the above command to validate that the libraries are now in the dynamic library cache.
From there you will be able to run barnyard2 configure correctly.
./configure --with-mysql then make and you can decide to run make install or copy the binary where ever you like and continue with the process. Hope this helps, -elz ------------------------------------------------------------------------------ Try New Relic Now & We'll Send You this Cool Shirt New Relic is the only SaaS-based application performance monitoring service that delivers powerful full stack analytics. Optimize and monitor your browser, app, & servers with just a few lines of code. Try New Relic and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_apr _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Barnyard2 startup error: Snort not compiled to use mysql but --with-mysql option invalid Kurt Jensen (Apr 24)
- Re: Barnyard2 startup error: Snort not compiled to use mysql but --with-mysql option invalid beenph (Apr 24)
- <Possible follow-ups>
- Re: Barnyard2 startup error: Snort not compiled to use mysql but --with-mysql option invalid Y M (Apr 24)