[Snort-users] barnyard file reading question

AJ Butcher, Information Systems and Computing Alex.Butcher at ...11254...
Mon Feb 23 01:16:09 EST 2004


--On 22 February 2004 21:23 -0800 Mark Olbert <mark at ...11252...> wrote:

>
>
> I'm having trouble getting barnyard to read files:
>
> [root at ...11253... /home/mark]# barnyard -f /var/log/snort/snort.log.1077507761

[snip]

> WARNING: '/' detected in filename.  Correcting your mistake!!!!
>
> WARNING: spool_dir set to "/var/log/snort"
>
> Barnyard Version 0.1.0 (Build 17) started
>
> Unable to open spool file
>
> Exiting
>
>
>
> Using a local file name (i.e., leaving off the /var/log/snort) also
> results in an "unable to open spool file" error.
>
> I'm sure I'm missing something obvious, but I haven't been able to figure
> it out so far...

Try 'barnyard -d /path/to/snort.log.nnnn's/parent/directory -f snort.log'

> - Mark

Best Regards,
Alex.
-- 
Alex Butcher: Security & Integrity, Personal Computer Systems Group
Information Systems and Computing             GPG Key ID: F9B27DC9
GPG Fingerprint: D62A DD83 A0B8 D174 49C4 2849 832D 6C72 F9B2 7DC9






More information about the Snort-users mailing list