Re: Snort, Barnyard, Acid - Lack of paylod

[Michael Anderson <mca () arlut utexas edu>]

I had the same problem.  Make sure you specify detail full in your 
barnyard.conf file.  The detail seems to be set to fast by default which 
only inserts the hdr and event information.  I found this out by looking 
through the code.  I could not find any documentation describing this 
configuration parameter.

Example barnyard.conf:
output log_acid_db: mysql, database db, server localhost, user user, 
password passwd, detail full

-Mike

John J. Nagro wrote:

> hello all,
>
> i am currently trying to run snort sensors logging to unified
> output (alerts) and barnyard to pick them up and toss them into
> a database that i look at via acid. It works but i cant get it
> to log payload, whats going on?
>
> Thanks in advance!
>
> -John Nagro
>
> (i am new to the list, i apologize if this is a topic thats
> already been covered, a link to that thread would be great)
>
>  



-------------------------------------------------------
This SF.Net email is sponsored by: Oracle 10g
Get certified on the hottest thing ever to hit the market... Oracle 10g. 
Take an Oracle 10g class now, and we'll give you the exam FREE.
http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users