Snort mailing list archives
Re: Using Barnyard2 with Snort
From: Y M <snort () outlook com>
Date: Fri, 26 Jun 2015 17:57:18 +0000
Robert, I took a quick look at your barnyard2.conf and nothing out of the ordinary is there. However, in the conf file, you have set up barnyard2 to run as a daemon, so after you run barnyard2, try running ps aux | grep barnyard2, do you see the process listed? Also, comment out the daemon part in the conf file and run in verbose mode again such as barnyard2 -c /path/to/barnyard2.conf -v and see what output you get. If it is running in daemon mode messages will be printed to syslog or dmesg depending on your distro and not to stdout.

YM.

From: robert.farnsworth () hp com
To: jlay () slave-tothe-box net
Date: Fri, 26 Jun 2015 17:00:35 +0000
CC: snort-users () lists sourceforge net
Subject: Re: [Snort-users] Using Barnyard2 with Snort

Hi, James

I know you're busy but just wanted to reply so you don’t forget about this.

Thanks
Robert

From: James Lay [mailto:jlay () slave-tothe-box net]
Sent: Wednesday, June 24, 2015 6:56 AM
To: snort-users () lists sourceforge net
Subject: Re: [Snort-users] Using Barnyard2 with Snort

On Mon, 2015-06-22 at 12:37 +0000, Farnsworth, Robert wrote:

This is what I get running in verbose. I have attached my barnyard2.conf file.

[root@usolglwxoh004 jzcdc0]# /usr/local/bin/barnyard2 -v
Running in Continuous mode
--== Initializing Barnyard2 ==--
Initializing Input Plugins!
Initializing Output Plugins!
Parsing config file "./barnyard2.conf"

-----Original Message-----
From: James Lay [mailto:jlay () slave-tothe-box net]
Sent: Friday, June 19, 2015 5:08 PM
To: Farnsworth, Robert
Cc: snort-users () lists sourceforge net
Subject: RE: [Snort-users] Using Barnyard2 with Snort

On 2015-06-19 02:55 PM, Farnsworth, Robert wrote:

I cannot get Barnyard to run. It seems to die @ Parsing config file "/etc/snort/barnyard2.conf"

-----Original Message-----
From: James Lay [mailto:jlay () slave-tothe-box net]
Sent: Friday, June 19, 2015 4:46 PM
To: snort-users () lists sourceforge net
Subject: Re: [Snort-users] Using Barnyard2 with Snort

On 2015-06-19 11:57 AM, Farnsworth, Robert wrote:

I realize this is off topic for SNORT, but does anybody know how to get help with a barnyard2 config? I've tried the google group and the e-mail fails.

[root@anyhost] /usr/bin/barnyard2 -c /etc/snort/barnyard2.conf -d /var/log/snort -f snort.log -w /var/log/snort/barnyard.waldo
Running in Continuous mode
--== Initializing Barnyard2 ==--
Initializing Input Plugins!
Initializing Output Plugins!
Parsing config file "/etc/snort/barnyard2.conf"

  ______   -*> Barnyard2 <*-
 / ,,_  \  Version 2.1.13 (Build 327)
 |o"  )~|  By Ian Firns (SecurixLive): http://www.securixlive.com/
 + '''' +  (C) Copyright 2008-2013 Ian Firns firnsy () securixlive com

Thanks
ROBERT L. FARNSWORTH

You'll want to post your barnyard2.conf file as well as try and run it with the -v option for verbose mode, then post the output of that as well.

James

------------------------------------------------------------------------------
Monitor 25 network devices or servers for free with OpManager!
OpManager is web-based network management software that monitors network devices and physical & virtual servers, alerts via email & sms for fault. Monitor 25 devices for free with no restriction. Download now
http://ad.doubleclick.net/ddm/clk/292181274;119417398;o
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users
Please visit http://blog.snort.org to stay current on all the latest Snort news!

Haven't forgotten about this....I will try and look at this later today.

James
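
The daemon check suggested at the top of this message, as an added example that is not part of the original thread: it tests a barnyard2.conf for an active "config daemon" line and writes a copy with that line commented out, so a verbose foreground run prints its startup messages to the terminal. The function names and the sample config are constructed for illustration; the sample is not the file attached to the thread.

```shell
#!/bin/sh
# Added example: triage for barnyard2 going silent after
# 'Parsing config file ...' because daemon mode sends output to syslog.

# Return 0 if the config contains an uncommented "config daemon" directive.
daemon_enabled() {
    grep -Eq '^[[:space:]]*config[[:space:]]+daemon([[:space:]]|$)' "$1"
}

# Write a copy of the config ($1) to $2 with the daemon directive
# commented out; the original file is left untouched.
foreground_copy() {
    sed -E 's/^([[:space:]]*)(config[[:space:]]+daemon([[:space:]].*)?)$/\1#\2/' \
        "$1" > "$2"
}

# Constructed sample config (hypothetical content).
sample=$(mktemp)
fg=$(mktemp)
trap 'rm -f "$sample" "$fg"' EXIT
cat > "$sample" <<'EOF'
config reference_file: /etc/snort/reference.config
#config logdir: /tmp
config daemon
input unified2
output alert_fast: stdout
EOF

if daemon_enabled "$sample"; then
    echo "daemon mode is on: startup messages go to syslog, not stdout"
    foreground_copy "$sample" "$fg"
    echo "foreground test run: barnyard2 -c $fg -v"
else
    echo "daemon mode is off: run barnyard2 -c $sample -v and read stdout"
fi
```

Against a real installation, pass the path of the actual barnyard2.conf instead of the sample, and check `ps aux | grep barnyard2` as well to see whether a daemonized instance is already running.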
Current thread:
- Using Barnyard2 with Snort Farnsworth, Robert (Jun 19)
- Re: Using Barnyard2 with Snort James Lay (Jun 19)
- Re: Using Barnyard2 with Snort Farnsworth, Robert (Jun 19)
- Re: Using Barnyard2 with Snort James Lay (Jun 19)
- Re: Using Barnyard2 with Snort Farnsworth, Robert (Jun 22)
- Re: Using Barnyard2 with Snort James Lay (Jun 24)
- Re: Using Barnyard2 with Snort Farnsworth, Robert (Jun 26)
- Re: Using Barnyard2 with Snort James Lay (Jun 26)
- Re: Using Barnyard2 with Snort Y M (Jun 26)
- Re: Using Barnyard2 with Snort James Lay (Jun 26)
- Re: Using Barnyard2 with Snort Farnsworth, Robert (Jun 29)
- Re: Using Barnyard2 with Snort James Lay (Jun 30)
- Re: Using Barnyard2 with Snort Farnsworth, Robert (Jun 19)
- Re: Using Barnyard2 with Snort James Lay (Jun 19)