Re: Using Barnyard2 with Snort

[Y M <snort () outlook com>]

Robert,
I took a quick look at your barnyard2.conf and nothing out of the oridnary is there. However, in the conf file, you 
have setup barnyard2 to run as daemon, so after you run barnyard2, try running ps aux | grep barnyard2, do you see the 
process listed?
Also, comment out the daemon part in the conf file and run in verbose mode again such as barnyard2 -c 
/path/to/barnyard2.conf -v and see what output you get. If it is running in daemon mode messages will be printed to 
syslog or dmesg depending on your distro and not to stdout.
YM.

From: robert.farnsworth () hp com
To: jlay () slave-tothe-box net
Date: Fri, 26 Jun 2015 17:00:35 +0000
CC: snort-users () lists sourceforge net
Subject: Re: [Snort-users] Using Barnyard2 with Snort









HI, James  I know your busy but just wanted to reply so you don’t forget about this.
 
Thanks
 
Robert
 


From: James Lay [mailto:jlay () slave-tothe-box net]


Sent: Wednesday, June 24, 2015 6:56 AM

To: snort-users () lists sourceforge net

Subject: Re: [Snort-users] Using Barnyard2 with Snort


 
On Mon, 2015-06-22 at 12:37 +0000, Farnsworth, Robert wrote:


 
This is what I get running in verbose. I have attached my barnyard2.conf file.
 
 
 
[root@usolglwxoh004 jzcdc0]# /usr/local/bin/barnyard2 -v
Running in Continuous mode
 
        --== Initializing Barnyard2 ==--
Initializing Input Plugins!
Initializing Output Plugins!
Parsing config file "./barnyard2.conf"
 
 
 
-----Original Message-----
From: James Lay [mailto:jlay () slave-tothe-box net] 
Sent: Friday, June 19, 2015 5:08 PM
To: Farnsworth, Robert
Cc: snort-users () lists sourceforge net
Subject: RE: [Snort-users] Using Barnyard2 with Snort
 
On 2015-06-19 02:55 PM, Farnsworth, Robert wrote:
> I cannot get Barnyard to run.
>
> It seems to die @ Parsing config file "/etc/snort/barnyard2.conf"
>
> -----Original Message-----
> From: James Lay [mailto:jlay () slave-tothe-box net]
> Sent: Friday, June 19, 2015 4:46 PM
> To: snort-users () lists sourceforge net
> Subject: Re: [Snort-users] Using Barnyard2 with Snort
>
> On 2015-06-19 11:57 AM, Farnsworth, Robert wrote:
> > I realize this is off topic for SNORT, but does anybody know how to 
> > get help with a barnyard2 config? I've tried the google group and the 
> > e-mail fails.
> >
> > [root@anyhost] /usr/bin/barnyard2 -c /etc/snort/barnyard2.conf -d 
> > /var/log/snort -f snort.log -w /var/log/snort/barnyard.waldo
> >
> > Running in Continuous mode
> >
> >  --== Initializing Barnyard2 ==--
> >
> > Initializing Input Plugins!
> >
> > Initializing Output Plugins!
> >
> > Parsing config file "/etc/snort/barnyard2.conf"
> >
> >  ______ -*> Barnyard2 <*-
> >
> > / ,,_ \ Version 2.1.13 (Build 327)
> >
> > |o" )~| By Ian Firns (SecurixLive): http://www.securixlive.com/
> >
> > + '''' + (C) Copyright 2008-2013 Ian Firns firnsy () securixlive com
> >
> > Thanks
> >
> > ROBERT L. FARNSWORTH
 
You'll want to post your barnyard2.conf file as well as try and run it with the -v option for verbose mode, then post 
the output of that as well.
 
James
 
------------------------------------------------------------------------------
Monitor 25 network devices or servers for free with OpManager!
OpManager is web-based network management software that monitors 
network devices and physical & virtual servers, alerts via email & sms 
for fault. Monitor 25 devices for free with no restriction. Download now
http://ad.doubleclick.net/ddm/clk/292181274;119417398;o
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users
 
Please visit http://blog.snort.org to stay current on all the latest Snort news!



Haven't forgotten about this....I will try and look at this later today.



James 




------------------------------------------------------------------------------
Monitor 25 network devices or servers for free with OpManager!
OpManager is web-based network management software that monitors 
network devices and physical & virtual servers, alerts via email & sms 
for fault. Monitor 25 devices for free with no restriction. Download now
http://ad.doubleclick.net/ddm/clk/292181274;119417398;o
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!                                        

------------------------------------------------------------------------------
Monitor 25 network devices or servers for free with OpManager!
OpManager is web-based network management software that monitors 
network devices and physical & virtual servers, alerts via email & sms 
for fault. Monitor 25 devices for free with no restriction. Download now
http://ad.doubleclick.net/ddm/clk/292181274;119417398;o

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!