RE: Barnyard... need... help...

["Gordon Cunningham" <gcunnin2 () bellsouth net>]

Barnyard is a little picky about its command line args.  I've found that
in -One-shot mode, you can't use the -D (daemon) mode.  Try it without
the -D.  When you specify -D, barnyard expects to find a -f <base filename>
argument, which is the error you're getting.


- Gordon

"The software said it requires Windows 98 or better, so I installed
Linux..."

 -----Original Message-----
From:   snort-users-admin () lists sourceforge net
[mailto:snort-users-admin () lists sourceforge net]  On Behalf Of
tfarkus1 () maine rr com
Sent:   Tuesday, August 05, 2003 10:05 AM
To:     snort-users () lists sourceforge net
Subject:        [Snort-users] Barnyard... need... help...

I've valiantly battled with barnyard for too long, and I need some help.
Here is the command I have been using..

[root@**** etc]# barnyard -D -c /etc/snort/barnyard.conf -g
/etc/snort/etc/gen-msg.map -s /etc/snort/etc/sid-msg.map -o
/var/log/snort/uni_snort.log.1060091088

And here is what I get from syslog..

Aug  5 09:59:11 **** barnyard: Loading Data Processors...
Aug  5 09:59:11 **** barnyard: dp_alert loaded
Aug  5 09:59:11 **** barnyard: dp_log loaded
Aug  5 09:59:11 **** barnyard: dp_stream_stat loaded
Aug  5 09:59:11 **** barnyard: Loading Built-in Output Plugins...
Aug  5 09:59:11 **** barnyard: Fast Alert plugin initialized
Aug  5 09:59:11 **** barnyard: AlertSyslog initialized
Aug  5 09:59:11 **** barnyard: Log Dump plugin initialized
Aug  5 09:59:11 **** barnyard: LogPcap initialized
Aug  5 09:59:11 **** barnyard: AcidDb output plugin initialized
Aug  5 09:59:11 **** barnyard: AlertCSV initialized
Aug  5 09:59:11 **** barnyard: Parsing Config file: /etc/snort/barnyard.conf
Aug  5 09:59:11 **** barnyard: Args: mysql, sensor_id 1, database snort,
server *****.*****.com, user snort
Aug  5 09:59:11 **** barnyard: Args: mysql, database snort, server
*****.*****.com, user root, detail full
Aug  5 09:59:11 **** barnyard: FATAL ERROR: No file specified for reading
Aug  5 09:59:11 **** barnyard: Exiting

I need some serious help, and if anyone can help me I would be more than
grateful.

-David Crosby



-------------------------------------------------------
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa00100003ave/direct;at.aspnet_072303_01/01
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users



-------------------------------------------------------
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa00100003ave/direct;at.aspnet_072303_01/01
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users