Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: barnyard file reading question

From: "AJ Butcher, Information Systems and Computing" <Alex.Butcher () bristol ac uk>
Date: Mon, 23 Feb 2004 08:56:29 +0000


--On 22 February 2004 21:23 -0800 Mark Olbert <mark () arcabama com> wrote:




I'm having trouble getting barnyard to read files:

[root@sox /home/mark]# barnyard -f /var/log/snort/snort.log.1077507761


[snip]


WARNING: '/' detected in filename.  Correcting your mistake!!!!

WARNING: spool_dir set to "/var/log/snort"

Barnyard Version 0.1.0 (Build 17) started

Unable to open spool file

Exiting



Using a local file name (i.e., leaving off the /var/log/snort) also
results in an "unable to open spool file" error.

I'm sure I'm missing something obvious, but I haven't been able to figure
it out so far...


Try 'barnyard -d /path/to/snort.log.nnnn's/parent/directory -f snort.log'


- Mark


Best Regards,
Alex.
--
Alex Butcher: Security & Integrity, Personal Computer Systems Group
Information Systems and Computing             GPG Key ID: F9B27DC9
GPG Fingerprint: D62A DD83 A0B8 D174 49C4 2849 832D 6C72 F9B2 7DC9




-------------------------------------------------------
SF.Net is sponsored by: Speed Start Your Linux Apps Now.
Build and deploy apps & Web services for Linux with
a free DVD software kit from IBM. Click Now!
http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: