Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: prelude issue with snort 2.9.4.5

From: Ashraf Ali <ashrafali.ibs () gmail com>
Date: Fri, 26 Apr 2013 19:05:09 +0530
well i have used ./configure --enable-prelude && make && make install

still it is not recognition the alert_prelude

do i need to also specify --with-libprelude-prefix=PFX

pls help

....


On Fri, Apr 26, 2013 at 6:40 PM, beenph <beenph () gmail com> wrote:


On Fri, Apr 26, 2013 at 8:49 AM, Ashraf Ali <ashrafali.ibs () gmail com>
wrote:

Hi All
 i have install snort/barnyard2 , and configure barnyard2.conf for

prelude

output (output alert_prelude: profile=snort)

but when i am trying to run the barnyard i am getting the following

error.


ERROR: /usr/local/snort/etc/barnyard2.conf(9) Unknown output plugin:
"alert_prelude"
Fatal Error, Quitting.

what is the issue..?



If you compiled from source you probably didn't use the proper
configure flag to enable prelude support.

 ./configure --hel | grep prelude
  --enable-prelude         Enable Prelude Hybrid IDS support
  --with-libprelude-prefix=PFX
                          Prefix where libprelude is installed (optional)

Once you have run configure with the proper flags,

make clean
make
and then make install or copy the binary where you need it and use
alert_prelude.

Cheers,
-elz


------------------------------------------------------------------------------
Try New Relic Now & We'll Send You this Cool Shirt
New Relic is the only SaaS-based application performance monitoring service 
that delivers powerful full stack analytics. Optimize and monitor your
browser, app, & servers with just a few lines of code. Try New Relic
and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_apr
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Previous By Date Next
Previous By Thread Next

Current thread: