Snort mailing list archives

Re: barnyard errors


From: Bamm Visscher <bamm () satx rr com>
Date: Thu, 17 Jul 2003 14:25:35 -0500

Can you please include the uncommented portions of your barnyard.conf?

Bamm

On Thu, Jul 17, 2003 at 03:07:49PM -0400, Scott Renna wrote:
Ok,

So I took a look at the config file and made some changes, but I'm still
running into weird errors when starting barnyard:

-*> Barnyard! <*-
Version 0.1.0 (Build 17)
By Andrew R. Baker (andrewb () snort org)
and Martin Roesch (roesch () sourcefire com, www.snort.org)

Loading Data Processors...
dp_alert loaded
dp_log loaded
dp_stream_stat loaded
Loading Built-in Output Plugins...
Fast Alert plugin initialized
AlertSyslog initialized
Log Dump plugin initialized
LogPcap initialized
AlertCSV initialized
Parsing Config file: /usr/local/etc/barnyard.conf
WARNING /usr/local/etc/barnyard.conf(135) => Unknown output plugin
"alert_acid_db" referenced, ignoring!WARNING
/usr/local/etc/barnyard.conf(136) => Unknown output plugin "log_acid_db"
referenced, ignoring!Archive Directory is NULL
Config File =/usr/local/etc/barnyard.conf
Log Dir=/var/log/snort/barnyard/
Spool Dir=/var/log/snort
Spool File=snort.alert
Waldo File=/var/log/snort/waldo.log
Sid File=/usr/local/etc/snort/sid-msg.map
Gen File=/usr/local/etc/snort/gen-msg.map
Hostname=bsdtest
Interface=dc0
Filter=not port 22
Record Number: 0
Log Flag: 1
Verbosity Level=0
File Arg Start: 0
Dry Run mode enabled
commandline: barnyard -c /usr/local/etc/barnyard.conf -f
/var/log/snort.log -g /usr/local/etc/snort/gen-msg.map -s
/usr/local/etc/snort/sid-msg.map -L /var/log/snort/barnyard/ -w
/var/log/snort/waldo.log -R 



Here's the weird part: it says the spool file is snort.alert; however,
my command line specifies that the spool file should be
/var/log/snort.log.

Is there a good site or forum for troubleshooting Barnyard?  Anyone got
some ideas?

Scott
***************************
Scott Renna
Head Systems Administrator
Dynamic Animation Systems
703-503-0500

*************************** 


