Snort mailing list archives

Re: Barnyard syslog problem

From: Joel Esler <jesler () sourcefire com>
Date: Wed, 8 Jul 2009 18:20:53 -0400

On Wed, Jul 8, 2009 at 6:06 PM, Jefferson, Shawn <
Shawn.Jefferson () bcferries com> wrote:

 /usr/local/bin/barnyard -c /etc/snort/barnyard-alert.conf -g
/etc/snort/gen-msg.map -s /etc/snort/sid-msg.map -d /var/log/snort -f
snort.alert -w /etc/snort/byalert.waldo -a /tmp/ &

<Shot in the dark to eliminate stupid things>


Are you using the same waldo file for both barnyard instances?

Wait, why are you running two barnyards?  use one.  The one that works.

J


--
joel esler | Sourcefire | AIM: eslerjoel | 302-223-5974




-- 
joel esler | Sourcefire | AIM: eslerjoel | 302-223-5974

------------------------------------------------------------------------------
Enter the BlackBerry Developer Challenge  
This is your chance to win up to $100,000 in prizes! For a limited time, 
vendors submitting new applications to BlackBerry App World(TM) will have
the opportunity to enter the BlackBerry Developer Challenge. See full prize  
details at: http://p.sf.net/sfu/Challenge

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

Barnyard syslog problem Jefferson, Shawn (Jul 08)
- Re: Barnyard syslog problem Joel Esler (Jul 08)
  - Re: Barnyard syslog problem Jefferson, Shawn (Jul 08)
    - Re: Barnyard syslog problem Joel Esler (Jul 08)
    - Re: Barnyard syslog problem Jefferson, Shawn (Jul 08)
    - Re: Barnyard syslog problem Jefferson, Shawn (Jul 08)
    - Re: Barnyard syslog problem Jefferson, Shawn (Jul 08)
    - Re: Barnyard syslog problem Joel Esler (Jul 08)
    - Re: Barnyard syslog problem Skip Carter (Jul 08)
    - Re: Barnyard syslog problem firnsy (Jul 09)