[Snort-users] unified2 processing

Pradeep Lamabam deeplamabam at ...11827...
Thu Nov 25 01:01:12 EST 2010


I am processing Snort unified2 files using barnyard2-1.8 in batch mode. The
following command works for a single unified2 file but is unable to process
more than one file.

barnyard2 -c /etc/snort/barnyard2.conf -l /var/log/snort -o snort.u2.1289721101 -o snort.u2.1289776993

The above command results in the following messages, which I assume means it
processes only the first file and not both:

Opened spool file 'snort.u2.1289721101'
Closing spool file 'snort.u2.1289721101'. Read 10477 records
Opened spool file 'snort.u2.1289776993'
Closing spool file 'snort.u2.1289776993'. Read 0 records

Would appreciate any suggestions regarding the processing of multiple
unified2 files in batch mode!!

with regards,
pradeep
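
An independent way to check how many records each spool file actually holds, for comparison with the "Read N records" lines above. This is an added example, not part of the original post and not barnyard2 code. It assumes the unified2 layout of an 8-byte record header (type, then payload length, both big-endian) followed by the payload; the script name in the usage comment is hypothetical and the sample bytes are constructed.

```python
import io
import struct
import sys
from collections import Counter

# Assumed layout: 8-byte header, record type then payload length, big-endian.
HEADER = struct.Struct(">II")

# Record type numbers as defined in Snort's unified2 header file.
TYPE_NAMES = {2: "PACKET", 7: "IDS_EVENT", 72: "IDS_EVENT_IPV6",
              104: "IDS_EVENT_VLAN", 105: "IDS_EVENT_IPV6_VLAN",
              110: "EXTRA_DATA"}


def count_records(stream):
    """Walk a unified2 stream; return (Counter of record types, leftover bytes).

    Leftover is non-zero when the file ends inside a header or payload,
    e.g. because Snort was still writing it or the copy was cut short.
    """
    counts = Counter()
    while True:
        header = stream.read(HEADER.size)
        if not header:
            return counts, 0
        if len(header) < HEADER.size:
            return counts, len(header)
        rtype, length = HEADER.unpack(header)
        payload = stream.read(length)
        if len(payload) < length:
            return counts, len(header) + len(payload)
        counts[TYPE_NAMES.get(rtype, f"TYPE_{rtype}")] += 1


def make_record(rtype, payload):
    """Build one record: header plus payload."""
    return HEADER.pack(rtype, len(payload)) + payload


# Constructed sample (payload bytes are filler, not real events).
SAMPLE = (make_record(7, b"\0" * 52) + make_record(2, b"\0" * 40)
          + make_record(7, b"\0" * 52))

if __name__ == "__main__":
    # Usage (hypothetical script name): python u2count.py snort.u2.1289721101 ...
    for path in sys.argv[1:]:
        with open(path, "rb") as fh:
            counts, leftover = count_records(fh)
        print(path, sum(counts.values()), dict(counts), "leftover:", leftover)
```

A file that reports zero records and zero leftover bytes here is empty on disk; a non-zero leftover means the file ends partway through a record.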