Configuring Barnyard with Bleeding threat rules

[Christopher Rommel <cromme1 () exchange towson edu>]

I am having an issue with Barnyard providing me the correct alert
information via the BASE console. I am running the following command:
barnyard -c /etc/snort/barnyard.conf -g /etc/snort/gen-msg.map -s
/etc/snort/bleeding-sid-msg-map.txt -d /var/log/snort -f snort.log -w
/var/log/snort/barnyard.waldo

On BASE, the alert information is displayed as follows: Snort Alert
[1:2000562:0]
In the bleeding-sid-msg-map.txt file, the ID 2000562 corresponds to:

2000562 || BLEEDING-EDGE VIRUS OUTBOUND Suspicious Email Attachment

Does anyone have any ideas as to why I am not seeing "BLEEDING-EDGE VIRUS OUTBOUND Suspicious Email Attachment" for the 
alert as opposed to Snort Alert [1:2000562:0]?

Thanks,

Chris



-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems?  Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >>  http://get.splunk.com/
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users