Snort mailing list archives
Re: problem in using barnyard2 in batch mode
From: beenph <beenph () gmail com>
Date: Thu, 8 Nov 2012 12:33:02 -0500
On Thu, Nov 8, 2012 at 8:25 AM, ARUN PUSHKAR <arunpushkar () gmail com> wrote:
i am getting following error when i am running barnyard2 in batch mode WARNING database [Database()]: Called with Event[0x8e33780] Event Type [7] (P)acket [0x0], information has not been outputed. can some one help in finding possible reason
Greetings Arun, what you are seeing is a WARNING (now renamed INFO) message. This message is generated by the output plugin, and tell you that it received a event without a packet. Whats this mean literally is that in the unified2 file its possible that there is some event record that are not associated with packet record, and they are not logged. I would like to note that you would receive those warning in continuous mode and also in batch mode, this does not make any differences. If you see this message alot then you might want to look at your snort configuration file and see which unified2 output mode you have configured. output alert_unified2: xxxxxx OR output log_unified2: xxxxxx OR output unified2: xxxxxxxx barnyard2 currently work better/optimaly in 2-1.x with output unified2. -elz ------------------------------------------------------------------------------ Everyone hates slow websites. So do we. Make your web apps faster with AppDynamics Download AppDynamics Lite for free today: http://p.sf.net/sfu/appdyn_d2d_nov _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- problem in using barnyard2 in batch mode ARUN PUSHKAR (Nov 08)
- Re: problem in using barnyard2 in batch mode beenph (Nov 08)
- Re: problem in using barnyard2 in batch mode Michael Steele (Nov 08)
- Re: problem in using barnyard2 in batch mode beenph (Nov 08)
- Re: problem in using barnyard2 in batch mode Michael Steele (Nov 08)
- Re: problem in using barnyard2 in batch mode beenph (Nov 08)