[Snort-users] output plugins barnyard2

Pradeep Lamabam deeplamabam at ...11827...
Wed Dec 16 02:27:58 EST 2009


Thank you all for your assistance so far.

I am using Snort with barnyard2. What I want to do is:
1 log events to a MySQL database (works fine !!)
2 log alerts to a file in /var/log/snort/<alert filename> (works fine !!);
I am using this file with snort_stat.pl, and lastly
*3 log the whole packet to a file in /var/log/snort/<filename>, so that I can
use it with Wireshark. (NOT WORKING !! )*

1 and 2 have been configured in the barnyard2.conf file as:
a) output alert_fast: /var/log/snort/<alert filename> and
b) output database: alert, mysql, user=snort password=password dbname=snort host=localhost
*c) using output log_tcpdump in barnyard2.conf for step 3 doesn't help,
since it logs only raw data and not protocol information!!*

I would greatly appreciate it if someone could help me get through step 3 !!

with regards,
deeplam