[Snort-users] Barnyard with mysql is not working

Jason Lewis jlewis at ...2449...
Mon Oct 15 18:08:23 EDT 2001


No dice.  Same error.

For kicks, here is my barnyard.conf

#-------------------------------------------------------------
#   http://www.snort.org    Barnyard 0.1.0 configuration file
#          Contact: snort-barnyard at lists.sourceforge.net
#-------------------------------------------------------------
# $Id: barnyard.conf,v 1.6 2001/10/10 16:42:27 cazz Exp $
########################################################
# Currently you want to do two things in here: turn on
# available data processors and turn on output plugins.
# The data processors (dp's) and output plugin's (op's)
# automatically associate with each other by type and
# are automatically selected at run time depending on
# the type of file you try to load.
########################################################
# Step 1: setup the data processors

# dp_alert
# --------------------------
# The dp_alert data processor is capable of reading the alert (event) format
# generated by Snort's spo_unified plug-in.  It is used with output plug-ins
# that support the "alert" input type.  This plug-in takes no arguments.
processor dp_alert


# dp_log
# ---------------------------
# The dp_log data processor is capable of reading the log format generated
# by Snort's spo_unified plug-in.  It is used with output plug-ins
# that support the "log" input type.  This plug-in takes no arguments.
processor dp_log


# dp_stream_stat
# ---------------------------
# The dp_stream_stat data processor is capable of reading the binary output
# generated by Snort's spp_stream4 plug-in.  It is used with output plug-ins
# that support the "stream_stat" input type.  This plug-in takes no arguments.
processor dp_stream_stat


# Step 2: setup the output plugins

# alert_fast
#-----------------------------
# Converts data from the dp_alert plugin into an approximation of Snort's
# "fast alert" mode.  Argument: <filename>

#output alert_fast

# log_dump
#-----------------------------
# Converts data from the dp_log plugin into an approximation of Snort's
# "ASCII packet dump" mode.  Argument: <filename>

#output log_dump

# alert_syslog
#-----------------------------
# Converts data from the alert stream into an approximation of Snort's
# syslog alert output plugin.  Same arguments as the output plugin in snort.

#output alert_syslog

# log_pcap
#-----------------------------
# Converts data from the dp_log plugin into standard pcap format
# Argument: <filename>

#output log_pcap

# acid_db
#-------------------------------
# Available as both a log and alert output plugin.  Used to output data into
# the db schema used by ACID
# Arguments:
#      $db_flavor           - what flavor of database (ie, mysql)
#      sensor_id $sensor_id - integer sensor id to insert data as
#      database $database   - name of the database
#      server $server       - server the database is located on
#      user $user           - username to connect to the database as
#      password $password   - password for database authentication
output alert_acid_db: mysql, sensor_id prozac, database snort, server pharmacy, user snort
output log_acid_db: mysql, sensor_id prozac, database snort, server pharmacy, user root, detail full

-----Original Message-----
From: Andrew R. Baker [mailto:andrewb0x29a at ...131...]
Sent: Monday, October 15, 2001 8:15 PM
To: jlewis at ...2449...; snort-users at lists.sourceforge.net
Subject: Re: [Snort-users] Barnyard with mysql is not working



You need to configure barnyard with support for mysql.  Try using

	./configure --with-mysql

-A





