[Snort-users] Clean DB && Barnyard Start

Joerg Weber j.weber at ...8292...
Tue Apr 15 03:26:11 EDT 2003


Hello everyone,

I just stumbled across the following:
I dropped the ACID-DB from a Test-Install and re-created. Then fired up
my configured && running snort plus barnyard, and noticed that I won't
get events logged.
Checking out the DB, I saw that everything's logged just fine. Only
thing missing was the sensor ID.
So, I changed my output plugin, started snort with logging directly into
MySQL, re-changed the config to unified-logging with barnyard and all's
well.

Something done wrong on my side, or is it a known issue that you have to
have snort running at least once to log directly into the DB before
using barnyard?

Cheers,

Joerg

PS: Versions used are
Barnyard Version 0.1.0 (Build 17) and
Version 1.9.1 (Build 231) (till I find time to upgrade to 2.0 ;>)

-- 
Joerg Weber
Network Security

infoServe GmbH
Nell-Breuning-Allee 6
D-66115 Saarbruecken

T: (0681) 8 80 08 - 0
F: (0681) 8 80 08 - 59
www.infos.de
E: j.weber at ...8292...
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20030415/3ee52dcc/attachment.sig>


More information about the Snort-users mailing list