[Snort-users] barnyard errors

Scott Renna srenna at ...9588...
Thu Jul 17 12:09:07 EDT 2003


Ok,

So i took a look at the config file and made some changes, but I'm still
running into weird errors when starting barnyard:

-*> Barnyard! <*-
Version 0.1.0 (Build 17)
By Andrew R. Baker (andrewb at ...950...)
and Martin Roesch (roesch at ...1935..., www.snort.org)

Loading Data Processors...
dp_alert loaded
dp_log loaded
dp_stream_stat loaded
Loading Built-in Output Plugins...
Fast Alert plugin initialized
AlertSyslog initialized
Log Dump plugin initialized
LogPcap initialized
AlertCSV initialized
Parsing Config file: /usr/local/etc/barnyard.conf
WARNING /usr/local/etc/barnyard.conf(135) => Unknown output plugin
"alert_acid_db" referenced, ignoring!WARNING
/usr/local/etc/barnyard.conf(136) => Unknown output plugin "log_acid_db"
referenced, ignoring!Archive Directory is NULL
Config File =/usr/local/etc/barnyard.conf
Log Dir=/var/log/snort/barnyard/
Spool Dir=/var/log/snort
Spool File=snort.alert
Waldo File=/var/log/snort/waldo.log
Sid File=/usr/local/etc/snort/sid-msg.map
Gen File=/usr/local/etc/snort/gen-msg.map
Hostname=bsdtest
Interface=dc0
Filter=not port 22
Record Number: 0
Log Flag: 1
Verbosity Level=0
File Arg Start: 0
Dry Run mode enabled
commandline: barnyard -c /usr/local/etc/barnyard.conf -f
/var/log/snort.log -g /usr/local/etc/snort/gen-msg.map -s
/usr/local/etc/snort/sid-msg.map -L /var/log/snort/barnyard/ -w
/var/log/snort/waldo.log -R 



Here's the weird part, it says the spool file is snort.alert, however,
my command line specifies that the spool file should be
/var/log/snort.log

Is there a good site or forum for troubleshooting Barnyard?  Anyone got
some ideas?

Scott
***************************
Scott Renna
Head Systems Administrator
Dynamic Animation Systems
703-503-0500

*************************** 





More information about the Snort-users mailing list