Snort mailing list archives

Barnyard Options Help Needed!


From: Kevin Peuhkurinen <kevin.peuhkurinen () hepcoe com>
Date: Thu, 19 Dec 2002 16:21:16 -0500

Hi all. I've decided to start using Barnyard and need some help with some of the options.

First, Snort creates two unified files: an alert file and a log file. However, when I tell Barnyard to use the alert file (with -f), the packet data is not sent to the database. If I tell Barnyard to use the log file, nothing gets sent to the database. The output plugin used is alert_acid_db, with the "detail full" setting. How do I tell Barnyard to send alerts with full packet data to the database?

Secondly, I can't seem to figure out how to get any of the other output plugins to work. I want to use alert_fast and log_pcap, but the files are not being created. I've tried starting Barnyard with "-L /var/log/snort" but this seems to do nothing. I tried putting a filename after the "output alert_fast" in the conf file, but then it complains that it doesn't know about this plugin. What am I doing wrong?

Thanks!



