[Snort-users] Barnyard2 startup issue
james.lay at ...15009...
Fri Jul 22 16:16:26 EDT 2011
> -----Original Message-----
> From: Aycock, Jeff R. [mailto:JEFF.R.AYCOCK at ...7594...]
> Sent: Friday, July 22, 2011 9:47 AM
> To: James Lay
> Cc: Snort
> Subject: Re: [Snort-users] Barnyard2 startup issue
> Thanks, James. I did the mods and ran Barnyard2 again with another
> this time with mysql not being able to find the socket file:
> [root at ...15345... ~]# Running in Continuous mode
> --== Initializing Barnyard2 ==-- Initializing Input Plugins!
> Initializing Output Plugins!
> Parsing config file "/etc/snort/barnyard2.conf"
> Log directory = /var/log/barnyard2
> sguil: sensor name = sensor
> sguil: agent port = 7735
> sguil: Connected to localhost on 7735.
> sguil: Waiting for sid and cid from sensor_agent.
> sguil: sensor ID = 4
> sguil: last cid = 0
> Node unique name is: sensor:eth0
> ERROR: database: mysql_error: Can't connect to local MySQL server
> socket '/tmp/mysql.sock' (2) Fatal Error, Quitting..
> The socket file is located in /var/lib/mysql so I guess my next
> how do I direct Barnyard to look for this file instead of
> which does not exists in this box? Is there anything in the conf file
> will do that? The my.cnf file is showing the correct location of the
> file for mysql client. I checked to see if MySQL is running:
As a quick fix for testing:
sudo ln /var/lib/mysql/mysql.sock /tmp/mysql.sock
As I recall, every time you stop and start mysql you'll need to do the
above. I couldn't find anywhere that you could tell barnyard2 where the
sock file is, but maybe someone else here can. Hope that helps.
More information about the Snort-users