[Snort-users] trouble starting Barnyard
larrywichman at ...131...
Tue Oct 4 13:21:58 EDT 2005
I am trying to get Barnyard working for the 1st time; I am using the following syntax to start it:
barnyard -c /etc/snort/barnyard.conf -d /var/log/snort -f snort.alert
I configured my barnyard.conf file to send alerts to my database
I configured my snort.conf file for unified file output (snort.alert) and when I start snort I get a file created called snort.alert.11283xxx(whatever) and a file called alert
I guess I am confused
.I am telling Barnyard that the spool directory is /var/log/snort and the file to read the alerts is snort.alert, but Snort seems to be adding an arbitrary suffix to the file name.
Anyway, it does not look like Barnyard is doing anything; there are no alerts from Snort to my database. Any ideas out there? As always, any help is greatly appreciated. Thanks.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-users