[Snort-users] Snort/Barnyard Error

Richard Lichvar rlichvar at ...14639...
Fri Aug 21 10:30:20 EDT 2009



I can tell you that the date on the barnyard and snort executables seems
to be March, 2008. Whether that tells you the version or not, I don't


From: Richard Lichvar [mailto:rlichvar at ...14639...] 
Sent: Friday, August 21, 2009 10:21 AM
To: Joel Esler
Cc: snort-users at lists.sourceforge.net
Subject: Re: [Snort-users] Snort/Barnyard Error


Pardon my ignorance, but to tell you the truth, I don't know. This thing
just got dumped in my lap after our security guy left and he didn't
leave any documentation as to what version of what is installed.


That said, how can I tell what version? The messages only say


Also, I'm still fairly new to 'nix so I'm not too sure how to answer
those kinds of questions. (We don't use any kind of 'nix GUI.)


From: Joel Esler [mailto:jesler at ...1935...] 
Sent: Friday, August 21, 2009 10:04 AM
To: Richard Lichvar
Cc: snort-users at lists.sourceforge.net
Subject: Re: [Snort-users] Snort/Barnyard Error


Clarification, are you using barnyard, or barnyard2?


If the former, please use the latter.



On Fri, Aug 21, 2009 at 9:32 AM, Richard Lichvar <rlichvar at ...14639...>

First of all, I'm not sure the original post came through correctly so
I'm reposting. (Think I let outlook autofill and got the -request
address. My apologies.)

Second, I'm a newbie to Snort not having worked with it in several years
(and then just dabbling in it) so I'm just coming up to speed. Also,
since this has to do with barnyard, I'm not sure this is the correct
forum in which to post this.

Now, to the problem:

Our Snort/IDS/syslogs (we use Splunk to collect/view) are getting
filled-up with a barnyard 2629 warning "unable to extract timestampe
file extension from 'snort.log.nnnnnn.' How we can fix this?

Many thanks in advance for your help!



Let Crystal Reports handle the reporting - Free Crystal Reports 2008
trial. Simplify your report design, integration and deployment - and
focus on
what you do best, core application coding. Discover what's new with
Crystal Reports now.  http://p.sf.net/sfu/bobj-july
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
rs>  list archive:


-- Joel Esler | Sourcefire | Google Voice: 302-223-5974

# " This e-mail and any attached documents may contain confidential or
proprietary information. If you are not the intended recipient, please
advise the sender immediately and delete this e-mail and all attached
documents from your computer system. Any unauthorised disclosure,
distribution or copying hereof is prohibited." " Ce courriel et les
documents qui y sont attaches peuvent contenir des informations
confidentielles. Si vous n'etes pas le destinataire escompte, merci d'en
informer l'expediteur immediatement et de detruire ce courriel ainsi que
tous les documents attaches de votre systeme informatique. Toute
divulgation, distribution ou copie du present courriel et des documents
attaches sans autorisation prealable de son emetteur est interdite." # 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20090821/950b94bf/attachment.html>

More information about the Snort-users mailing list