[Snort-users] display tcp payload with BASE
linkragus at ...11827...
Wed May 2 18:52:45 EDT 2012
I am new to Snort, I use Snort126.96.36.199>barnyard2>MySQL>BASE, and have
a probleme: I can't display the tcp payload with BASE. So how can I
display tcp payload?
output database: log, mysql, user=snortuser password=snortpassword
dbname=snort host=localhost detail=full
output unified2: filename snort.log, limit 128
Running in Continuous mode
--== Initializing Barnyard2 ==--
Initializing Input Plugins!
Initializing Output Plugins!
Parsing config file "/etc/snort/barnyard2.conf"
ERROR: Unable to open SID file '/etc/snort/sid-msg.map' (No such file
Log directory = /var/log/barnyard2
Node unique name is:
Last event seen for sid 4 was 9
database: compiled support for (mysql)
database: configured to use mysql
database: schema version = 107
database: host = localhost
database: user = snortuser
database: database name = snort
database: sensor name =
database: sensor id = 4
database: sensor cid = 10
database: data encoding = hex
database: detail level = full
database: ignore_bpf = no
database: using the "log" facility
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-users