Snort mailing list archives

Re: can't remember why... snot prepends /etc/ to paths resulting in /etc//foo


From: Paul Schmehl <pschmehl_lists () tx rr com>
Date: Mon, 19 Nov 2012 13:10:11 -0600

Barnyard2 has output plugins for aruba switches, the bro ids, cef, csv, 
snortsam, prelude, unix sockets, syslog (including tcpdump format), 
databases, platypus (a wrapper for scripts) and sguil.  Databases are only 
one of the things it does.

--On November 19, 2012 12:36:59 PM -0500 waldo kitty 
<wkitty42 () windstream net> wrote:

On 11/19/2012 12:25, Castle, Shane wrote:
Um - RULE_PATH in snort.conf?

Also see SO_RULE_PATH and PREPROC_RULE_PATH.

yeah, all those are set or else it wouldn't have that part of the path in
the error messages...

var $SNORT_HOME /var/snort
var RULE_PATH $SNORT_HOME/rules
var SO_RULE_PATH $SNORT_HOME/so_rules
var PREPROC_PATH $SNORT_HOME/preproc_rules


_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest
Snort news!



-- 
Paul Schmehl, Senior Infosec Analyst
As if it wasn't already obvious, my opinions
are my own and not those of my employer.
*******************************************
"It is as useless to argue with those who have
renounced the use of reason as to administer
medication to the dead." Thomas Jefferson
"There are some ideas so wrong that only a very
intelligent person could believe in them." George Orwell

