[Snort-users] Problem with barnyard 0.2.0 and snort 2.4.0

eric-list-snort-users at ...11523... eric-list-snort-users at ...11523...
Sat Aug 20 10:11:06 EDT 2005


On Sat, 2005-08-20 at 11:55:45 -0500, Paul Schmehl proclaimed...

> You can add the following to the config section of your barnyard conf file:
> config sid-msg-map: /usr/local/share/snort/sid-msg.map
> config gen-msg-map: /usr/local/share/snort/gen-msg.map
> config class-file: /usr/local/share/snort/classification.config

Thanks.

> Delete your waldo file (/var/log/snort/log/snort_ids.log) and allow 
> barnyard to recreate it.  It's apparently corrupted.
  
Deleted, but it didn't fix anything.

> I also strongly recommend that you do not use localtime with barnyard.  It 
> causes problems during the change from daylight savings to "normal" time.

Done, but that didn't fix anything either.





More information about the Snort-users mailing list