Snort mailing list archives

Re: Barnyard2 launching problem


From: Marcin Dulak <marcin.dulak () gmail com>
Date: Wed, 22 Feb 2017 01:42:37 +0100

On Wed, Feb 22, 2017 at 12:46 AM, Abdullah AL-Mutairy <
abohabeeb1412 () gmail com> wrote:


Hello everyone ..

I've been trying to make snort work with MySQL for almost a month


The old tools like barnyard2, snorby, sguil etc. are no longer maintained.
Maybe try https://securityonion.net/


but I keep getting errors in each step > look for a solution then bypass
the problem.

I'm following this guide here:
http://computer-outlines.over-blog.com/article-nids-snort-barnyard2-apache2-base-with-ubuntu-14-04-lts-123532107.html

And now I'm stuck at "launching barnyard2" step! When I do the command:


Where has barnyard2 been installed?
which barnyard2


sudo /usr/local/bin/barnyard2 -c /etc/snort/barnyard2.conf -d /var/log/snort -f snort.log -w /var/log/barnyard2/bylog.waldo -C /etc/snort/classification.config

I get an error because /usr/local/bin/ is empty.

The guide is good and clear but I have a feeling that it might be missing
some small parts like DAQ package, is that right?

All I wanted is to read the snort logs!


Barnyard is not needed for reading the logs. Assuming you have a unified2 log,
https://github.com/jasonish/py-idstools will do; see
http://seclists.org/snort/2017/q1/11

Marcin


But couldn't make it work!

Please help me >_<

Your help is much appreciated
. . . . .

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest
Snort news!
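
Added example (not part of the original messages, and not py-idstools code): a minimal pure-Python reader showing why the unified2 log mentioned in the reply can be read without barnyard2. It assumes Snort's standard unified2 layout for IPv4 event records (types 7 and 104); the function names and the sample bytes are constructed for illustration.

```python
import io
import socket
import struct

# Unified2 record types: 7 = IPv4 event, 104 = IPv4 event with MPLS/VLAN fields
# appended. Both start with the same 52-byte body, which is all we decode here.
EVENT_TYPES = {7, 104}
HEADER = struct.Struct(">II")            # record type, body length (big-endian)
EVENT = struct.Struct(">9I4s4sHHBBBB")   # 52-byte IPv4 event body

def read_events(stream):
    """Yield a dict per IPv4 alert event; skip packet and extra-data records."""
    while True:
        head = stream.read(HEADER.size)
        if len(head) < HEADER.size:      # end of file
            return
        rtype, length = HEADER.unpack(head)
        body = stream.read(length)
        if len(body) < length:           # record still being written by Snort
            return
        if rtype not in EVENT_TYPES or length < EVENT.size:
            continue
        (_sensor, event_id, sec, usec, sid, gid, rev, _cls, prio, src, dst,
         sport, dport, proto, _iflag, _impact, _blocked) = EVENT.unpack_from(body)
        yield {
            "event_id": event_id, "time": sec + usec / 1e6,
            "rule": f"{gid}:{sid}:{rev}", "priority": prio, "proto": proto,
            "src": f"{socket.inet_ntoa(src)}:{sport}",
            "dst": f"{socket.inet_ntoa(dst)}:{dport}",
        }

def sample_log():
    """Constructed bytes: one event, one packet record, one truncated event."""
    event = EVENT.pack(1, 1, 1487724157, 0, 1000001, 1, 1, 0, 3,
                       socket.inet_aton("192.0.2.10"),
                       socket.inet_aton("198.51.100.5"), 51515, 80, 6, 0, 0, 0)
    packet = b"\x00" * 28
    return (HEADER.pack(7, len(event)) + event
            + HEADER.pack(2, len(packet)) + packet
            + HEADER.pack(7, len(event)) + event[:10])

if __name__ == "__main__":
    # On a sensor: open("/var/log/snort/snort.log.<timestamp>", "rb")
    for alert in read_events(io.BytesIO(sample_log())):
        print(alert)
```

For TCP and UDP alerts the two 16-bit fields are ports; for ICMP alerts the same fields carry the ICMP type and code.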
