[Snort-users] Snort, Barnyard, Acid - Lack of paylod

Michael Anderson mca at ...1717...
Fri May 28 11:11:01 EDT 2004


I had the same problem.  Make sure you specify detail full in your 
barnyard.conf file.  The detail seems to be set to fast by default which 
only inserts the hdr and event information.  I found this out by looking 
through the code.  I could not find any documentation describing this 
configuration parameter.

Example barnyard.conf:
output log_acid_db: mysql, database db, server localhost, user user, 
password passwd, detail full

-Mike

John J. Nagro wrote:

>hello all,
>
>i am currently trying to run snort sensors logging to unified
>output (alerts) and barnyard to pick them up and toss them into
>a database that i look at via acid. It works but i cant get it
>to log payload, whats going on?
>
>Thanks in advance!
>
>-John Nagro
>
>(i am new to the list, i apologize if this is a topic thats
>already been covered, a link to that thread would be great)
>
>  
>





More information about the Snort-users mailing list