Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Fwd: Re: barnyard2-1.10 major problem

From: "Lawrence R. Hughes, Sr." <lhughes () safemedia com>
Date: Thu, 25 Oct 2012 10:53:42 -0400
Yes, I stopped barnyard2, deleted all events from database, deleted snort.waldo file, next restarted snort & barnyard2 

I attached barnyard2.conf file

Thanks,
Larry
----- Original Message ----- From: "beenph" <beenph () gmail com> 
To: "Lawrence R. Hughes, Sr." <lhughes () safemedia com>
Cc: <barnyard2-users () googlegroups com>; "snort-users" <snort-users () lists sourceforge net> 
Sent: Thursday, October 25, 2012 10:34 AM
Subject: Re: [Snort-users] Fwd: Re: barnyard2-1.10 major problem



On Thu, Oct 25, 2012 at 10:25 AM, Lawrence R. Hughes, Sr.
<lhughes () safemedia com> wrote:

Beenph,
Running the command line you suggested using that file, the results were one 
(1) event with the first packet from unified2 file.
Barnyard2 did not insert the second packet of the same event into the
snort.data table.



can you send me your barnyard2.conf without database login information?

And before running with --alert-on-each-packet-in-stream for testing ,
did you delete your waldo file?

-elz

Attachment: barnyard2.conf
Description: 

------------------------------------------------------------------------------
Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics
Download AppDynamics Lite for free today:
http://p.sf.net/sfu/appdyn_sfd2d_oct
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Previous By Date Next
Previous By Thread Next

Current thread: