[Snort-users] Barnyard question

Emilio Mira Alfaro emial at ...4389...
Tue Jul 9 01:25:06 EDT 2002


Hi all.

I'm trying to intall barnyard-0.1.0-rc2 with Snort 1.8.7beta2 
and there are some rare things. 

I log in MySQL database with acid output plugin:

output log_acid_db: mysql, sensor_id 1, database snortdb, 
server localhost, user snort, password ****** , detail full

and the only one input plugin is dp_log.

First, it seems that barnyard works with a delay: I only can
see alerts that were detected 2 hours ago.

Second, table iphdr and data are empty, I only can get information
about alerts generated, nothing else.

In snort.conf I have:

output alert_unified: filename snort.alert, limit 128
output log_unified: filename snort.log, limit 128

Any ideas.

Thank you!!


--
Emilio Mira
e-mail: emial at ...4389...





More information about the Snort-users mailing list