Snort mailing list archives

Re: reboot the DB

From: Bryan Irvine <bryan.irvine () kingcountyjournal com>
Date: 07 Jul 2003 17:19:51 -0700

ok I'm trying to build barnyard with the following options

# ./configure --enable-postgres
--with-postgres-includes=/usr/local/include/postgresql
--with-postgres-libraries=/usr/local/lib 

and it seems to go ok, except when I try to run "make" i get the
following errors.


#
make                                                                                                                    
      
make  all-recursive
Making all in src
Making all in output-plugins
gcc -DHAVE_CONFIG_H -I. -I. -I../.. -I../.. -I../../src 
-I/usr/local/include/postgresql -DENABLE_POSTGRES  -g -O2 -Wall -c
op_acid_db.c
op_acid_db.c:115: syntax error before `,'
op_acid_db.c:116: syntax error before `,'
op_acid_db.c: In function `DbClose':
op_acid_db.c:947: structure has no member named `pq'
op_acid_db.c: In function `SelectAsUInt':
op_acid_db.c:966: structure has no member named `pq'
op_acid_db.c: In function `Insert':
op_acid_db.c:984: structure has no member named `pq'
op_acid_db.c:984: `result' undeclared (first use in this function)
op_acid_db.c:984: (Each undeclared identifier is reported only once
op_acid_db.c:984: for each function it appears in.)
op_acid_db.c: In function `BeginTransaction':
op_acid_db.c:1002: structure has no member named `pq'
op_acid_db.c: In function `EndTransaction':
op_acid_db.c:1020: structure has no member named `pq'
op_acid_db.c: In function `AbortTransaction':
op_acid_db.c:1038: structure has no member named `pq'
op_acid_db.c: In function `PostgresClose':
op_acid_db.c:1153: warning: control reaches end of non-void function
op_acid_db.c: At top level:
op_acid_db.c:1155: syntax error before `,'
op_acid_db.c:1161: syntax error before `,'
*** Error code 1

Stop in /home/admin/barnyard-0.1.0/src/output-plugins.
*** Error code 1

Stop in /home/admin/barnyard-0.1.0/src (line 192 of Makefile).
*** Error code 1

Stop in /home/admin/barnyard-0.1.0 (line 164 of Makefile).
*** Error code 1

Stop in /home/admin/barnyard-0.1.0 (line 293 of Makefile).
# 


Any ideas?


--Bryan

On Mon, 2003-07-07 at 16:45, Erek Adams wrote:

On Mon, 7 Jul 2003, Bryan Irvine wrote:

So I should redo the setup and have snort log to this barnyard something
or other instead of postgres, and barnyard will take care of logging to
postgres so acid can still see the alerts?  I got the order right?


There's not much to really "redo".  Build and install Barnyard, change
your output plugin from DB to unified, configure Barnyard to look at the
right files and DB, and start up BY and Snort.  Snort sends the
alerts to the unified log file, BY then reads the file from disk and sends
the data to the DB.  If network drops or if the DB doesn't respond, BY
simply waits until it becomes active before starting to send the alerts
again.

One thing you might want to check on is how well BY works with Postgres.
I'm pretty sure it works, but something in the back of my mind make me
think there was an issue.  I can't recall if that's the case or not.  You
can check the archives here [0].

Anyone have any experience in using Barnyard and Snort with Postgres?

Cheers!

-----
Erek Adams

   "When things get weird, the weird turn pro."   H.S. Thompson

[0]   http://marc.theaimsgroup.com/?l=snort-users&r=1&w=2


-------------------------------------------------------
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa00100006ave/direct;at.asp_061203_01/01
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users




-------------------------------------------------------
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa00100006ave/direct;at.asp_061203_01/01
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

reboot the DB Bryan Irvine (Jul 07)
- Re: reboot the DB Erek Adams (Jul 07)
  - Re: reboot the DB Bryan Irvine (Jul 07)
    - Re: reboot the DB Erek Adams (Jul 07)
    - Re: reboot the DB Bryan Irvine (Jul 07)
    - Re: reboot the DB Paul Dokas (Jul 08)
    - Re: reboot the DB Derek Glidden (Jul 08)
    - Re: reboot the DB Bryan Irvine (Jul 08)
    - Re: reboot the DB Derek Glidden (Jul 08)
    - Re: reboot the DB Bryan Irvine (Jul 08)
    - Re: reboot the DB Andrew R. Baker (Jul 09)
    - Re: reboot the DB Bryan Irvine (Jul 09)