Snort mailing list archives

Re: Having problem with Barnyard


From: firnsy <firnsy () securixlive com>
Date: Thu, 24 Jun 2010 17:22:21 +0930

The two important things to know are what your output directives are in
both snort.conf and barnyard2.conf.

This will reveal the problem, I'm sure.

[root@FedoraSnort snort]# ls -la /var/log/snort
total 280
drwxr-xr-x.  2 snort snort   4096 2010-06-23 11:34 .
drwxr-xr-x. 15 root  root    4096 2010-06-23 12:00 ..
-rw-------.  1 snort snort      0 2010-06-23 10:38 alert
-rw-------.  1 root  root       0 2010-06-23 11:06 merged.log
-rw-------.  1 root  root  277755 2010-06-23 20:03 snort.log
[root@FedoraSnort snort]# 


Based on your reference to "-f snort.log", I have a sneaking suspicion
that you are not using the full unified v2 log, which may also
cause some unexpected results.

Regards,

-- 
firnsy
www.securixlive.com
