Snort mailing list archives

barnyard2: WARNING: Can't extract timestamp extension from 'merged.log'using base ''


From: Charlie <ForFun2000 () hotmail com>
Date: Fri, 31 Jul 2015 07:03:47 +0100

Hi

I am trying to use Snort with barnyard2-1.13 on Linux RaspberryPI2 3.18.11-v7+

barnyard2 is logging into the MySQL db OK; I know that because when I enable the MySQL general query log, barnyard2 is updating the table 'sensor'.

I called the file that Snort generates and barnyard2 reads "merged.log". Some people I have read call it "something.u2", but is it just a name? barnyard2 is looking at the 'merged.log' file generated by Snort, as you will see from this log:

Jul 30 19:44:32 RasberryPI barnyard2: WARNING: Can't extract timestamp extension from 'snort_eth0.pid'using base ''
Jul 30 19:44:32 RasberryPI barnyard2: WARNING: Can't extract timestamp extension from '*merged.log*'using base ''
Jul 30 19:44:32 RasberryPI barnyard2: WARNING: Can't extract timestamp extension from '..'using base ''
Jul 30 19:44:32 RasberryPI barnyard2: WARNING: Can't extract timestamp extension from 'barnyard2.alert'using base ''
Jul 30 19:44:32 RasberryPI barnyard2: WARNING: Can't extract timestamp extension from 'alert'using base ''

Q1) However, because of this "Can't extract timestamp extension" warning, it is not writing into the event table. Why?
Q2) What does this "using base ''" mean?

In snort.conf, I have tried:
output unified2: filename merged.log, limit 128, nostamp, mpls_event_types, vlan_event_types
then
output unified2: filename merged.log, limit 128
but it did not help.

Thanks in advance

