Snort mailing list archives

Re: More ACID BASE Help


From: Shaun Marlin <shaun.marlin () canalta com>
Date: Thu, 16 May 2013 19:24:42 +0000

Well, I managed to find the barnyard2.conf, but now I seem to be having an issue when I try the following commands:

# /usr/local/bin/snort -q -u snort -g snort -c /etc/snort/snort.conf -i eth0 &
# /usr/local/bin/barnyard2 -c /etc/snort/barnyard2.conf -d /var/log/snort -f snort.log -w /etc/snort/bylog.waldo -G /etc/snort/gen-msg.map -S /etc/snort/sid-msg.map -C /etc/snort/classification.config &

When I run the second command, I get this error

root@SENTRY:/usr/src/barnyard2-master/schemas# /usr/local/bin/barnyard2 -c /etc/snort/barnyard2.conf -d /var/log/snort -f snort.log -w /etc/snort/bylog.waldo -G /etc/snort/gen-msg.map -S /etc/snort/sid-msg.map -C /etc/snort/classification.config &
[2] 7694
root@SENTRY:/usr/src/barnyard2-master/schemas# -bash: /usr/local/bin/barnyard2: No such file or directory

I looked for the /usr/local/barnyard2 directory, but there is nothing there.

Thanks
-Shaun
--
 Shaun Marlin
 Network Administrator
 Canalta
 Phone: (403) 820-3865
 Cell:  (403) 334-1313
 shaun.marlin () canalta com

-----Original Message-----
From: beenph [mailto:beenph () gmail com]
Sent: Wednesday, May 15, 2013 9:56 PM
To: Shaun Marlin; barnyard2-users () googlegroups com; snort-users () lists sourceforge net
Subject: Re: [Snort-users] More ACID BASE Help

On Wed, May 15, 2013 at 10:21 PM, Shaun Marlin <shaun.marlin () canalta com> wrote:

Hi there again,

So I was directed to use this document http://s3.amazonaws.com/snort-org/www/assets/167/deb_snort_howto.pdf, which to its credit has worked well so far.  Right now I am stumped on this section.


4. Install & configure Barnyard2

# cd /usr/src && wget https://github.com/firnsy/barnyard2/archive/master.tar.gz

# tar -zxf master.tar.gz && cd barnyard2-*

# autoreconf -fvi -I ./m4 && ./configure --with-mysql && make && make install

# mv /usr/local/etc/barnyard2.conf /etc/snort

# cp schemas/create_mysql /usr/src


Hi Shaun,
By default you should find barnyard2.conf in /usr/local/etc

Cheers,
-elz
