[Snort-users] unified2 processing

firnsy firnsy at ...14568...
Thu Nov 25 05:43:48 EST 2010

On Thu, 2010-11-25 at 11:31 +0530, Pradeep Lamabam wrote:
> I am processing snort unified2 files using barnyard2-1.8 in batch
> mode. The following command works for a single unified2 file but
> unable to process more than one file.
> barnyard2 -c /etc/snort/barnyard2.conf -l /var/log/snort -o
> snort.u2.1289721101 -o snort.u2.1289776993
> The above command results in the following msgs which i assume
> processes only the first file and not both
> Opened spool file 'snort.u2.1289721101'
> Closing spool file 'snort.u2.1289721101'. Read 10477 records
> Opened spool file 'snort.u2.1289776993'
> Closing spool file 'snort.u2.1289776993'. Read 0 records
> Would appreciate any suggestions regarding the processing of multiple
> unified2 files in batch mode!!

G'day Pradeep,

This is a bug, it has been fixed in our git which is available over at:


Let me know if you have any further troubles.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: This is a digitally signed message part
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20101125/e12e5c75/attachment.sig>

More information about the Snort-users mailing list