[Snort-users] Sguil 8 and Barnyard2 beta

James Lay jlay at ...13475...
Sun Jul 10 07:36:13 EDT 2011


Hey all,

SoŠ.been trying to get sguil to flyŠand here's what I see below:

Running in Continuous mode

        --== Initializing Barnyard2 ==--
Initializing Input Plugins!
Initializing Output Plugins!
Parsing config file "/opt/etc/snort/barnyard2.conf"
Log directory = /var/log/barnyard2
sguil:  sensor name = gateway
sguil:  agent port =  7736
sguil:  Connected to localhost on 7736.
2011-07-10 11:31:58 pid(19350)  Sensor agent connect from 127.0.0.1:40978
sock15
2011-07-10 11:31:58 pid(19350)  Validating sensor access: 127.0.0.1 :
2011-07-10 11:31:58 pid(19350)  Valid sensor agent: 127.0.0.1
ERROR: sguil: Expected SidCidResponse and got 'SGUIL-0.8.0 OPENSSL ENABLED
'
Fatal Error, Quitting..
2011-07-10 11:31:58 pid(19350)  Sensor Data Rcvd: SidCidRequest gateway
2011-07-10 11:31:58 pid(19350)  Ignoring cmd from unregistered agent:
SidCidRequest gateway
2011-07-10 11:31:58 pid(19350)  Sensor Data Rcvd:
2011-07-10 11:31:58 pid(19350)  Ignoring cmd from unregistered agent:
2011-07-10 11:31:58 pid(19350)  Socket sock15 closed

Scouring the net found me nothing with this.  Any hints on what I can do to
fix this?  Got to admitŠ.sguil is one of the most frustration apps I've
tried to get workingŠ

James


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20110710/66a01352/attachment.html>


More information about the Snort-users mailing list