![snort logo](/images/snort-logo.png)
Snort mailing list archives
Re: Another Barnyard Question
From: "Andrew R. Baker" <andrewb () snort org>
Date: Fri, 25 Jun 2004 14:50:31 -0400
Lance Boon wrote:
I'm trying to get barnyard-0.2.0.tar.gz setup and running on my remote sensors logging to a centralized MySql database. I've got the Snort 2.0 Intrusion Detection book and reading through it on page 431 it says that "Some recent additions to the barnyard.conf file will allow us to actually run Barnyard without the -g and -s switches. These files can be preconfigured within the "configuration declarations" section of the barnyard.conf file. "For example: config generator-map: gen-msg.map config signature-map: sid-msg.map
The Snort 2.0 book is not very useful for Barnyard 0.2 as a number of things changed. The updated version from Syngress (Snort 2.1) documents all of the changes in Barnyard 0.2.
For the config file on 0.2, try using these instead: config sid-msg-map: /path/to/sid-msg.map config gen-msg-map: /path/to/gen-msg.map -A ------------------------------------------------------- This SF.Net email sponsored by Black Hat Briefings & Training.Attend Black Hat Briefings & Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Another Barnyard Question Lance Boon (Jun 25)
- Re: Another Barnyard Question Andrew R. Baker (Jun 25)
- <Possible follow-ups>
- RE: Another Barnyard Question Lance Boon (Jun 25)