[Snort-users] Barnyard2 startup issue
beenph at ...11827...
Fri Jul 22 16:47:22 EDT 2011
Sounds like a difference betwen the library default path to the socket
file vs the path given at mysqld startup.
I think this is also parametable by your mysql client default
configuration file (my.cnf) file if i am correct.
But if needed a quick code fix could be a solution if other people need it.
On Fri, Jul 22, 2011 at 4:16 PM, Lay, James <james.lay at ...15009...> wrote:
>> -----Original Message-----
>> From: Aycock, Jeff R. [mailto:JEFF.R.AYCOCK at ...7594...]
>> Sent: Friday, July 22, 2011 9:47 AM
>> To: James Lay
>> Cc: Snort
>> Subject: Re: [Snort-users] Barnyard2 startup issue
>> Thanks, James. I did the mods and ran Barnyard2 again with another
>> this time with mysql not being able to find the socket file:
>> [root at ...15345... ~]# Running in Continuous mode
>> --== Initializing Barnyard2 ==-- Initializing Input Plugins!
>> Initializing Output Plugins!
>> Parsing config file "/etc/snort/barnyard2.conf"
>> Log directory = /var/log/barnyard2
>> sguil: sensor name = sensor
>> sguil: agent port = 7735
>> sguil: Connected to localhost on 7735.
>> sguil: Waiting for sid and cid from sensor_agent.
>> sguil: sensor ID = 4
>> sguil: last cid = 0
>> Node unique name is: sensor:eth0
>> ERROR: database: mysql_error: Can't connect to local MySQL server
>> socket '/tmp/mysql.sock' (2) Fatal Error, Quitting..
>> The socket file is located in /var/lib/mysql so I guess my next
> question is
>> how do I direct Barnyard to look for this file instead of
>> which does not exists in this box? Is there anything in the conf file
>> will do that? The my.cnf file is showing the correct location of the
>> file for mysql client. I checked to see if MySQL is running:
> As a quick fix for testing:
> sudo ln /var/lib/mysql/mysql.sock /tmp/mysql.sock
> As I recall, every time you stop and start mysql you'll need to do the
> above. I couldn't find anywhere that you could tell barnyard2 where the
> sock file is, but maybe someone else here can. Hope that helps.
> 10 Tips for Better Web Security
> Learn 10 ways to better secure your business today. Topics covered include:
> Web security, SSL, hacker attacks & Denial of Service (DoS), private keys,
> security Microsoft Exchange, secure Instant Messaging, and much more.
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> Snort-users list archive:
> Please see http://www.snort.org/docs for documentation
More information about the Snort-users