Snort mailing list archives
Re: Barnyard syslog problem
From: firnsy <firnsy () securixlive com>
Date: Thu, 09 Jul 2009 17:17:53 +0930
Yes we had some issues with the waldo files in 1.5, but should have them addressed in the 1.6 beta that's out at the moment.

barnyard2 is able to process both forms of data, alert and log, due to the new unified2 file format.

-firnsy

Skip Carter wrote:
> On Wed, 8 Jul 2009 16:54:54 -0600 "Jefferson, Shawn" <Shawn.Jefferson () bcferries com> wrote:
> > Looking into running two output plugins (one for alert and one for log unified files) with one barnyard instance, and the configuration allows me to specify both, and testing with -R shows both, but how does the bookmark file work in this scenario? Any barnyard experts know? Do you have to run two instances if you want to process both the alert and log unified files with barnyard?
>
> Running two instances was the only way I got this sort of arrangement to work with V 0.2. I was able to use only one instance with Barnyard2 V1.5 (the only catch was that with B2 the waldo file is a binary file -- I had to write a little helper app to create the initial waldo file since it doesn't seem to create one like the docs say it should).
Current thread:
- Barnyard syslog problem Jefferson, Shawn (Jul 08)
- Re: Barnyard syslog problem Joel Esler (Jul 08)
- Re: Barnyard syslog problem Jefferson, Shawn (Jul 08)
- Re: Barnyard syslog problem Joel Esler (Jul 08)
- Re: Barnyard syslog problem Jefferson, Shawn (Jul 08)
- Re: Barnyard syslog problem Jefferson, Shawn (Jul 08)
- Re: Barnyard syslog problem Jefferson, Shawn (Jul 08)
- Re: Barnyard syslog problem Joel Esler (Jul 08)
- Re: Barnyard syslog problem Skip Carter (Jul 08)
- Re: Barnyard syslog problem firnsy (Jul 09)
- Re: Barnyard syslog problem Jefferson, Shawn (Jul 08)
- Re: Barnyard syslog problem Joel Esler (Jul 08)