[Snort-users] unified2 processing

firnsy firnsy at ...14568...
Thu Nov 25 05:43:48 EST 2010


On Thu, 2010-11-25 at 11:31 +0530, Pradeep Lamabam wrote:
> I am processing snort unified2 files using barnyard2-1.8 in batch
> mode. The following command works for a single unified2 file but
> is unable to process more than one file.
> 
> barnyard2 -c /etc/snort/barnyard2.conf -l /var/log/snort -o
> snort.u2.1289721101 -o snort.u2.1289776993
> 
> The above command results in the following msgs, from which I assume
> it processes only the first file and not both:
> 
> Opened spool file 'snort.u2.1289721101'
> Closing spool file 'snort.u2.1289721101'. Read 10477 records
> Opened spool file 'snort.u2.1289776993'
> Closing spool file 'snort.u2.1289776993'. Read 0 records
> 
> Would appreciate any suggestions regarding the processing of multiple
> unified2 files in batch mode!!
> 

G'day Pradeep,

This is a bug; it has been fixed in our git, which is available over at:

www.github.com/firnsy/barnyard2

Let me know if you have any further troubles.

Regards,

-- 
firnsy
www.securixlive.com
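
A way to tell whether a "Read 0 records" line like the one quoted above reflects an empty spool file or records that were never read, as an added example that is not part of the original post or of barnyard2's code: it counts records directly from the unified2 framing (an 8-byte header holding a big-endian type and length) and compares the result with the counts barnyard2 printed. The spool names, filler payloads and output text below are constructed.

```python
import re
import struct

# unified2 record header: 32-bit type, 32-bit length, both big-endian
HEADER = struct.Struct(">II")
CLOSE_RE = re.compile(r"Closing spool file '([^']+)'\. Read (\d+) records")

def count_records(data):
    """Walk unified2 framing in `data`; return (record_count, leftover_bytes)."""
    count, pos = 0, 0
    while len(data) - pos >= HEADER.size:
        _rtype, length = HEADER.unpack_from(data, pos)
        if len(data) - pos - HEADER.size < length:
            break                      # truncated record body, stop counting
        pos += HEADER.size + length
        count += 1
    return count, len(data) - pos

def reported_counts(barnyard_output):
    """Map spool file name -> record count barnyard2 printed on close."""
    return {name: int(n) for name, n in CLOSE_RE.findall(barnyard_output)}

def mismatches(spools, barnyard_output):
    """Return {name: (reported, actual)} where the two counts disagree."""
    reported = reported_counts(barnyard_output)
    out = {}
    for name, data in spools.items():
        actual, _leftover = count_records(data)
        if reported.get(name) != actual:
            out[name] = (reported.get(name), actual)
    return out

def _rec(rtype, payload):
    return HEADER.pack(rtype, len(payload)) + payload

# Constructed spools: type 7 = IDS event, type 2 = packet; payloads are filler.
SPOOLS = {
    "snort.u2.A": _rec(7, b"\x00" * 52) + _rec(2, b"\x00" * 60),
    "snort.u2.B": _rec(7, b"\x00" * 52) + _rec(2, b"\x00" * 60) + _rec(7, b"\x00" * 52),
}
# Constructed output in the format quoted in the thread.
OUTPUT = """Opened spool file 'snort.u2.A'
Closing spool file 'snort.u2.A'. Read 2 records
Opened spool file 'snort.u2.B'
Closing spool file 'snort.u2.B'. Read 0 records
"""

if __name__ == "__main__":
    for name, (rep, act) in mismatches(SPOOLS, OUTPUT).items():
        print(f"{name}: barnyard2 reported {rep}, file holds {act}")
```

For real spool files, pass `open(path, "rb").read()` as the data; a non-zero leftover count means the file ends in a partial record.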