[Snort-users] Having problem with Barnyard

firnsy firnsy at ...14568...
Thu Jun 24 07:46:41 EDT 2010


Nick,


> 
> # unified2
> # Recommended for most installs
> output unified2: filename snort.log, limit 128, nostamp

To maintain chronology of the files, barnyard2 (like the original
barnyard) utilises the unix timestamp that is normally appended to the
filename.

For example:

snort.u2.124848388
snort.u2.124861336
snort.u2.124892311

By using the "nostamp" directive you are explicitly removing this
timestamp and thus rendering the spooling operation of barnyard2
ineffective.

In short, omit the "nostamp". The rest should be sufficient.

Regards,

-- 
firnsy
www.securixlive.com
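
A configuration check for the issue described in the reply above, as an added example that is not part of the original message and is not barnyard2's own code: it flags active `output unified2` directives that carry `nostamp` and orders spool files by their numeric timestamp suffix. The function names, the second directive in the sample config and the file listing order are constructed for illustration.

```python
import re

# Constructed sample config; the first directive is the one quoted in the post.
SAMPLE_CONF = """\
# unified2
# Recommended for most installs
output unified2: filename snort.log, limit 128, nostamp
output unified2: filename snort.u2, limit 128
"""

# Constructed directory listing; the stamped names are the post's examples.
SAMPLE_FILES = ["snort.u2.124892311", "snort.u2.124848388",
                "snort.u2.124861336", "snort.log"]

DIRECTIVE = re.compile(r"^\s*output\s+unified2\s*:\s*(.*)$")


def find_nostamp(conf_text):
    """Return (line_no, filename) for each active unified2 output using nostamp."""
    hits = []
    for line_no, line in enumerate(conf_text.splitlines(), 1):
        m = DIRECTIVE.match(line.split("#", 1)[0])  # drop comments first
        if not m:
            continue
        opts = [o.strip() for o in m.group(1).split(",") if o.strip()]
        filename = next((o.split(None, 1)[1] for o in opts
                         if o.startswith("filename ")), None)
        if "nostamp" in opts:
            hits.append((line_no, filename))
    return hits


def order_spool(names):
    """Return (stamped names in chronological order, names with no timestamp)."""
    stamped, unstamped = [], []
    for name in names:
        prefix, _, suffix = name.rpartition(".")
        if prefix and suffix.isdigit():
            stamped.append((int(suffix), name))  # compare numerically, not as text
        else:
            unstamped.append(name)
    return [n for _, n in sorted(stamped)], unstamped


if __name__ == "__main__":
    for line_no, filename in find_nostamp(SAMPLE_CONF):
        print(f"line {line_no}: unified2 output '{filename}' uses nostamp")
    ordered, unordered = order_spool(SAMPLE_FILES)
    print("chronological:", ordered)
    print("no timestamp, cannot be ordered:", unordered)
```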