Snort mailing list archives
RE: OT: Help with Barnyard
From: "Gordon Cunningham" <gcunnin2 () bellsouth net>
Date: Wed, 9 Apr 2003 11:17:50 -0400
Ralf, It does appear the "undefined compress" is one of the problems in getting mudpit or barnyard to work. Any idea where to look for this? - Gordon -----Original Message----- From: snort-users-admin () lists sourceforge net [mailto:snort-users-admin () lists sourceforge net] On Behalf Of Ralf Spenneberg Sent: Wednesday, April 09, 2003 1:08 AM To: SnortUsers Subject: Re: [Snort-users] OT: Help with Barnyard
Subject: [Snort-users] OT: Help with Barnyard However, I?m having a heck of a time configuring barnyard! I get around
one
issue only to stumble onto another. I?m running barnyard 0.1.0 on the
same
machine as snort for testing, and snort is writing unified log/alert
files,
but I can?t seem to get barnyard to process them without an error. Lately it?s ?Unknown output plugin "alert_acid_db" referenced? or similar. What
am
I missing?
Well, did you compile barnyard with "--enable-mysql"? Your Snort installation needs: gen-msg.map, sid-msg.map and classification.config If you are using Red Hat Linux you will find a barnyard RPM package at my site: http://www.spenneberg.org/IDS Cheers, Ralf -- Ralf Spenneberg UNIX/Linux Trainer and Consultant, RHCE, RHCX Waldring 34 48565 Steinfurt Germany Fon: +49(0)2552 638 755 Fax: +49(0)2552 638 757 Mobil: +49(0)177 567 27 40 Markt+Technik Book: Intrusion Detection für Linux Server IPsec/PPTP Kernels for Red Hat Linux: http://www.spenneberg.com/.net/.org/.de Honeynet Project Mirror: http://honeynet.spenneberg.org Snort Mirror: http://snort.spenneberg.org ------------------------------------------------------- This SF.net email is sponsored by: ValueWeb: Dedicated Hosting for just $79/mo with 500 GB of bandwidth! No other company gives more support or power for your dedicated server http://click.atdmt.com/AFF/go/sdnxxaff00300020aff/direct/01/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=ort-users ------------------------------------------------------- This SF.net email is sponsored by: Etnus, makers of TotalView, The debugger for complex code. Debugging C/C++ programs can leave you feeling lost and disoriented. TotalView can help you find your way. Available on major UNIX and Linux platforms. Try it free. www.etnus.com _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Re: OT: Help with Barnyard Ralf Spenneberg (Apr 08)
- RE: OT: Help with Barnyard Gordon Cunningham (Apr 09)
- RE: OT: Help with Barnyard Ralf Spenneberg (Apr 09)
- RE: OT: Help with Barnyard Gordon Cunningham (Apr 10)
- RE: OT: Help with Barnyard Ralf Spenneberg (Apr 10)
- RE: OT: Help with Barnyard Gordon Cunningham (Apr 10)
- RE: OT: Help with Barnyard Ralf Spenneberg (Apr 10)
- RE: OT: Help with Barnyard Gordon Cunningham (Apr 10)
- RE: OT: Help with Barnyard Ralf Spenneberg (Apr 09)
- RE: OT: Help with Barnyard Gordon Cunningham (Apr 09)
- <Possible follow-ups>
- Re: OT: Help with Barnyard Ralf Spenneberg (Apr 10)