Snort mailing list archives

Error mapping some Snort events

From: "Angel Chiriboga" <angel.chiriboga () digitalsecurity com ec>
Date: Wed, 2 Apr 2014 09:12:07 -0500

Hi,

 

I need your support, I have problems with some Snort events mapping.

 

I use barnyard2 for send the events to arcsight and Mysql (snorby), but the
"message" of some events doesnt arrive ok. The events with errors arrive in
the following way:

 

Snort Alert [x:xxxx:x]

 

I use the pulledpork for update de sid-msg.map every sunday, and my
barnyard2 script run correctly.

 

Thanks for your help.

 

Regards.

 

Ángel Chiriboga Torres | Security Specialist

Tel: (593 2) 2868-931

Cel: (593) 995093859  - (593) 958847386

 <http://www.digitalsecurity.com.ec/> http://www.digitalsecurity.com.ec

------------------------------------------------------------------------------

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!

Current thread:

Error mapping some Snort events Angel Chiriboga (Apr 02)