Snort mailing list archives
Re: @barnyard error
From: Peter Bates <peter.bates () ucl ac uk>
Date: Mon, 2 Sep 2013 10:35:37 +0100
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello all On 02/09/2013 10:14, anagha b wrote:
I used follwing command to run barnyard but befor that removed barnyard2.waldo file and created new one. usr/local/bin/barnyard2 -f snort.u2 -u root -g root -c /srv/snort/etc/barnyard2.conf -w /var/log/snort/barnyard2.waldo -d /var/log/snort
Did you just delete the .waldo file or actually make a new one? I'd let BY2 make one when it starts up - the WARNING is just informational.
Closing spool file '/var/log/snort/snort.u2.1378112617'. Read 0 records snort not logging into snort.u2? how to solve this?
Is the size of snort.u2.1378112617 increasing when rules are hit? Your snort.conf should just have something like output unified2: filename snort.log, limit 128 defined for the output. What is your command-line to start Snort? - From your previous emails to the list it sounded like you had Snort logging successfully to the unified2 file. - -- Peter Bates Senior Information Security Officer Phone: +44(0)2076792049 Information Services Division Internal Ext: 32049 University College London London WC1E 6BT -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (MingW32) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBAgAGBQJSJFvpAAoJELhVoVpEMS6R0/IH/AnpuX1jc8bCHRFoN4eI5xyc hwIKWE4HqoSr3rfs6q302kivP37rwWxFsoXBUcxD/MGEngwq+OOKqSBr5Q8L4DIj 3WB7pnmecGhkuGwsjMR4GXAQutgJfEZGQWpDe8zXqXpIiseItJyL0pF3VQTahAJP 4EggYWlIpqrifhvUuS55e2g4dvn4agnKLx17eleAWuKBl4Tq0jxjTRMhupc9uoyx V8RREhNr+R7wN1ut1y9IgZEsuHQseL9Xgl4FOJ4NwlXRfXC7r/uZONvMg+fRpFfw RZLwNXLTRM3QW/vYFFxMG+6HQKb5MHZEwjCmP8tOzlfw04fgrHDbcsHeF39+8iw= =+Uhl -----END PGP SIGNATURE----- ------------------------------------------------------------------------------ Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more! Discover the easy way to master current and previous Microsoft technologies and advance your career. Get an incredible 1,500+ hours of step-by-step tutorial videos with LearnDevNow. Subscribe today and save! http://pubads.g.doubleclick.net/gampad/clk?id=58040911&iu=/4140/ostg.clktrk _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- @barnyard error anagha b (Sep 02)
- Re: @barnyard error Peter Bates (Sep 02)
- <Possible follow-ups>
- @barnyard error anagha b (Sep 02)
- Re: @barnyard error Peter Bates (Sep 02)
- @barnyard error anagha b (Sep 02)
- @barnyard error anagha b (Sep 05)