Snort mailing list archives

Re: snort-2.9.11.1 mysql schema missing?

From: "2014/2015 - Nsabimana Thierry" <thierry.nsabimana () aims-cameroon org>
Date: Tue, 24 Apr 2018 01:48:49 +0100

*Thank you for reply. Now schema is available in snort  but Barnyard2 is
not configured successfully whereas snort is well configured. I got  the
following error "database mysql_error: Authentication plugin
'caching_sha2_password' cannot be loaded". I tried to fix it from morning
till now but I failed. The compilation result is posted below.*

























































































*Can any one help me again ? Rule application order:
activation->dynamic->pass->drop->sdrop->reject->alert->logVerifying
Preprocessor Configurations!        --== Initialization Complete ==--
,,_     -*> Snort! <*-  o"  )~   Version 2.9.11.1 GRE (Build 268)
''''    By Martin Roesch & The Snort Team:
http://www.snort.org/contact#team
<http://www.snort.org/contact#team>           Copyright (C) 2014-2017 Cisco
and/or its affiliates. All rights reserved.           Copyright (C)
1998-2013 Sourcefire, Inc., et al.           Using libpcap version
1.7.4           Using PCRE version: 8.42 2018-03-20           Using ZLIB
version: 1.2.8           Rules Engine: SF_SNORT_DETECTION_ENGINE  Version
3.0  <Build 1>           Preprocessor Object: SF_SSH  Version 1.1  <Build
3>           Preprocessor Object: SF_FTPTELNET  Version 1.2  <Build
13>           Preprocessor Object: SF_MODBUS  Version 1.1  <Build
1>           Preprocessor Object: SF_DNP3  Version 1.1  <Build 1>
Preprocessor Object: SF_Dynamic_Example_Preprocessor  Version 1.0  <Build
1>           Preprocessor Object: SF_SSLPP  Version 1.1  <Build
4>           Preprocessor Object: SF_REPUTATION  Version 1.1  <Build
1>           Preprocessor Object: SF_SIP  Version 1.1  <Build 1>
Preprocessor Object: SF_DCERPC  Version 1.0  <Build 4>
Preprocessor Object: SF_POP  Version 1.0  <Build 1>           Preprocessor
Object: SF_SDF  Version 1.1  <Build 1>           Preprocessor Object:
SF_IMAP  Version 1.0  <Build 1>           Preprocessor Object: SF_DNS
Version 1.1  <Build 4>           Preprocessor Object: SF_DCERPC2  Version
1.0  <Build 3>           Preprocessor Object: SF_GTP  Version 1.1  <Build
1>           Preprocessor Object: SF_SMTP  Version 1.1  <Build 9>Snort
successfully validated the configuration!Snort
exiting#######################################################################root@172-10-228-37:/usr/src#
barnyard2 -T -c /etc/barnyard2/barnyard2.conf -d /var/log/snort -f
snort.u2Running in Test mode        --== Initializing Barnyard2
==--Initializing Input Plugins!Initializing Output Plugins!Parsing config
file "/etc/barnyard2/barnyard2.conf"+[ Signature Suppress list
]+----------------------------+[No entry in Signature Suppress
List]+----------------------------+[ Signature Suppress list ]+Barnyard2
spooler: Event cache size set to [2048] INFO database: Defaulting
Reconnect/Transaction Error limit to 10 INFO database: Defaulting Reconnect
sleep time to 5 second database mysql_error: Authentication plugin
'caching_sha2_password' cannot be loaded:
/usr/lib/mysql/plugin/caching_sha2_password.so: cannot open shared object
file: No such file or directoryBarnyard2 exitingdatabase: Closing
connection to database "snort"    *

On Sun, Apr 22, 2018 at 1:50 PM, Joel Esler (jesler) <jesler () cisco com>
wrote:

The mysql schema is no longer included with Snort.  It’s now a part of
barnyard2.

Sent from my iPhone

On Apr 22, 2018, at 08:15, 2014/2015 - Nsabimana Thierry <
thierry.nsabimana () aims-cameroon org> wrote:

*Dear all,*


*Snort configuration was successfully validated but while I am trying to import the schema into the database I 
created for Snort, mysql schema missing.*









































*Could you please help? [ Number of patterns truncated to 20 bytes: 39 ]
        --== Initialization Complete ==--    ,,_     -*> Snort! <*-   o"
)~   Version 2.9.11.1 GRE (Build 268)    ''''    By Martin Roesch & The
Snort Team: http://www.snort.org/contact#team
<http://www.snort.org/contact#team>            Copyright (C) 2014-2017
Cisco and/or its affiliates. All rights reserved.            Copyright (C)
1998-2013 Sourcefire, Inc., et al.            Using libpcap version 1.7.4
           Using PCRE version: 8.42 2018-03-20            Using ZLIB
version: 1.2.8            Rules Engine: SF_SNORT_DETECTION_ENGINE  Version
3.0  <Build 1>            Preprocessor Object: SF_SSH  Version 1.1  <Build
3>            Preprocessor Object: SF_FTPTELNET  Version 1.2  <Build 13>
           Preprocessor Object: SF_MODBUS  Version 1.1  <Build 1>
           Preprocessor Object: SF_DNP3  Version 1.1  <Build 1>
Preprocessor Object: SF_SSLPP  Version 1.1  <Build 4>
Preprocessor Object: SF_REPUTATION  Version 1.1  <Build 1>
Preprocessor Object: SF_SIP  Version 1.1  <Build 1>            Preprocessor
Object: SF_POP  Version 1.0  <Build 1>            Preprocessor Object:
SF_SDF  Version 1.1  <Build 1>            Preprocessor Object: SF_IMAP
Version 1.0  <Build 1>            Preprocessor Object: SF_DNS  Version 1.1
<Build 4>            Preprocessor Object: SF_DCERPC2  Version 1.0  <Build
3>            Preprocessor Object: SF_GTP  Version 1.1  <Build 1>
           Preprocessor Object: SF_SMTP  Version 1.1  <Build 9> Snort
successfully validated the configuration! Snort exiting *



--

* PhD Student In Computer Science*
*University of Abomey Calavi, IMSP*
*Email: thierry.nsabimana () aims-cameroon org
<thierry.nsabimana () aims-cameroon org>*
*Email: thierry.nsabimana () imsp-uac org
<thierry.nsabimana () aims-cameroon org>*
*Tel: +229 61 403 104*
*AIMS-CAMEROON ALUMNI *


_______________________________________________
Snort-users mailing list
Snort-users () lists snort org
Go to this URL to change user options or unsubscribe:
https://lists.snort.org/mailman/listinfo/snort-users

Please visit http://blog.snort.org to stay current on all the latest
Snort news!

Please follow these rules: https://snort.org/faq/what-is-
the-mailing-list-etiquette



-- 

*PhD Student In Computer Science*
*University of Abomey Calavi, IMSP*
*Email: thierry.nsabimana () aims-cameroon org
<thierry.nsabimana () aims-cameroon org>*
*Email: thierry.nsabimana () imsp-uac org
<thierry.nsabimana () aims-cameroon org>*
*Tel: +229 61 403 104*
*AIMS-CAMEROON ALUMNI *

_______________________________________________
Snort-users mailing list
Snort-users () lists snort org
Go to this URL to change user options or unsubscribe:
https://lists.snort.org/mailman/listinfo/snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!

Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette

Current thread:

snort-2.9.11.1 mysql schema missing? 2014/2015 - Nsabimana Thierry (Apr 22)
- Re: snort-2.9.11.1 mysql schema missing? Joel Esler (jesler) via Snort-users (Apr 23)
  - Re: snort-2.9.11.1 mysql schema missing? 2014/2015 - Nsabimana Thierry (Apr 24)
    - Re: snort-2.9.11.1 mysql schema missing? Joel Esler (jesler) via Snort-users (Apr 25)
- Re: snort-2.9.11.1 mysql schema missing? wkitty42 (Apr 23)
- Re: snort-2.9.11.1 mysql schema missing? Y M via Snort-users (Apr 23)