Re: BASE

[Ryan via Snort-users <snort-users () lists snort org>]

Assuming your os is linux:

make sure barnyard2 is running...it often will not start because it
requires mysql to start first. Check 'service barnyard2 status'

Also make sure it has read access to the snort logs and they are in
unified2 format (snort.u2.xxxxx). This may require starting snort and
barnyard2 as '-u snort -g snort' in the start script so they don't run as
root...also make sure the '/var/logs/snort/archived_logs' is created...

if you followed all the tutorials that I did, you will probably hit the
above snags...the rest depends on your infrastructure and ability to 'see'
the traffic (switch vs vmware, etc)



On Wed, Sep 19, 2018 at 1:48 PM Jean Michel Tangué via Snort-users <
snort-users () lists snort org> wrote:

> I finish the installation of snort but when he send any attack BASE don't
> detect him. Any help ? Its very important to resolv it quickly
> _______________________________________________
> Snort-users mailing list
> Snort-users () lists snort org
> Go to this URL to change user options or unsubscribe:
> https://lists.snort.org/mailman/listinfo/snort-users
>
>         To unsubscribe, send an email to:
>         snort-users-leave () lists snort org
>
> Please visit http://blog.snort.org to stay current on all the latest
> Snort news!
>
> Please follow these rules:
> https://snort.org/faq/what-is-the-mailing-list-etiquette
_______________________________________________
Snort-users mailing list
Snort-users () lists snort org
Go to this URL to change user options or unsubscribe:
https://lists.snort.org/mailman/listinfo/snort-users

        To unsubscribe, send an email to:
        snort-users-leave () lists snort org

Please visit http://blog.snort.org to stay current on all the latest Snort news!

Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette