Snort mailing list archives

Previous By Date Next
Previous By Thread Next

odd issue with barnyard2 pid files

From: Russell Fulton <r.fulton () auckland ac nz>
Date: Wed, 9 Feb 2011 16:12:02 +1300
Hi,

I have a number of sensors on which I run snort and barnyard2 all are more or less identically configured 
(configuration pushed out from by a configuration management system -- puppet).  On a couple of the sensors the created 
pid file is empty?  which means that barnyard2 does not get shut down gracefully and I get errors on restart about 
inconsistent cids.

Any ideas what might cause this?

[snort@mon263549 ~]$ barnyard2 -V

  ______   -*> Barnyard2 <*-
 / ,,_  \  Version 2.1.8 (Build 251)
 |o"  )~|  By the SecurixLive.com Team: http://www.securixlive.com/about.php
 + '''' +  (C) Copyright 2008-2010 SecurixLive.

           Snort by Martin Roesch & The Snort Team: http://www.snort.org/team.html
           (C) Copyright 1998-2007 Sourcefire Inc., et al.

[snort@mon263549 ~]$ ls -l run
total 8
-rw------- 1 snort snort    0 Feb  1 11:13 barnyard2_dmzo.pid
-rw------- 1 snort snort    0 Feb  1 11:13 barnyard2_dmzo.pid.lck
-rw-rw-r-- 1 root  root     6 Feb  9 15:12 snort_eth1-dmzo.pid
-rw-rw-r-- 1 root  root     0 Feb  9 15:12 snort_eth1-dmzo.pid.lck

4695 ?        Ss    26:07 barnyard2 -c dmzo/conf/barnyard.conf -d /home/snort/data/dmzo/ -l /home/snort/data/dmzo/ -w 
/home/snort/data/dmzo/checkpoint -i dmzo -f snort.log --pid-path /home/snort/run/


Russell
------------------------------------------------------------------------------
The ultimate all-in-one performance toolkit: Intel(R) Parallel Studio XE:
Pinpoint memory and threading errors before they happen.
Find and fix more than 250 security defects in the development cycle.
Locate bottlenecks in serial and parallel code that limit performance.
http://p.sf.net/sfu/intel-dev2devfeb
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: