[Snort-users] Barnyard2 not inputting portscans (was Unified Logging - BASE - Portscans)

beenph beenph at ...11827...
Wed Jul 27 09:34:41 EDT 2011


On Wed, Jul 27, 2011 at 9:27 AM, James Lay <jlay at ...13475...> wrote:
> Heh..fail ;)
>
> Jul 27 07:26:05 gateway barnyard2[30517]:         --== Initializing
> Barnyard2 ==--
> Jul 27 07:26:05 gateway barnyard2[30517]: Initializing Input Plugins!
> Jul 27 07:26:05 gateway barnyard2[30517]: Initializing Output Plugins!
> Jul 27 07:26:05 gateway barnyard2[30517]: Parsing config file
> "/opt/etc/snort/barnyard2.conf"
> Jul 27 07:26:09 gateway barnyard2[30517]: Log directory =
> /var/log/barnyard2
> Jul 27 07:26:09 gateway barnyard2[30517]: FATAL ERROR: Unified2Init():
> Can't start with NULL arguments
>
>


Sorry i forgot to tell you that you need to modify your barnyard2
configuration file with the following
arguments on your input unified2 line.

to the following

input unified2: input_mode

and add one of the following mode  unified2, alert_unified2,
log_unified2 (depending on the type of unified2 output mode you use
for snort).


-elz




More information about the Snort-users mailing list