Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Barnyard 2 latest not reading snort logs

From: "Michael Steele" <michaels () winsnort com>
Date: Thu, 31 Mar 2016 08:18:13 -0400
For some reason Barnyard2 is not reading in the events from the log file
under PostgreSQL. The below is the output using the run line and adding -v
to the end for verbose. The -v doesn't do anything different when used. The
same output is displayed. I have moved the barnyard2 folder to another
sensor that has PostgreSQL and Barnyard2 works fine there.

 

Having a hard time tracking this down when the -v is not giving any output. 

 

        --== Initializing Barnyard2 ==--

Initializing Input Plugins!

Initializing Output Plugins!

Parsing config file "d:\winids\barnyard2\etc\barnyard2.conf"

 

 

+[ Signature Suppress list ]+

----------------------------

+[No entry in Signature Suppress List]+

----------------------------

+[ Signature Suppress list ]+

 

WARNING: invalid Reference spec 'url,'. Ignored

WARNING: invalid Reference spec 'url,'. Ignored

WARNING: invalid Reference spec 'url,'. Ignored

WARNING: invalid Reference spec 'url,'. Ignored

WARNING: invalid Reference spec 'url,'. Ignored

WARNING: invalid Reference spec 'url,'. Ignored

WARNING: invalid Reference spec 'url,'. Ignored

WARNING: invalid Reference spec 'url,'. Ignored

Barnyard2 spooler: Event cache size set to [32768]

Log directory = d:\winids\barnyard2

INFO database: Defaulting Reconnect/Transaction Error limit to 10

INFO database: Defaulting Reconnect sleep time to 5 second

 

Kindest regards,

Michael...


------------------------------------------------------------------------------
Transform Data into Opportunity.
Accelerate data analysis in your applications with
Intel Data Analytics Acceleration Library.
Click to learn more.
http://pubads.g.doubleclick.net/gampad/clk?id=278785471&iu=/4140
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Previous By Date Next
Previous By Thread Next

Current thread: