[Snort-users] Error Barnyard2.conf

elof at ...6680... elof at ...6680...
Wed Oct 3 05:18:59 EDT 2012


I'm guessing it has to do with the way you connect.
With the mysql client and no explicit host given, I guess it is using 
sockets to connect to the sql server.
...or it might be treated different if you connect to '127.0.0.1' vs 
'localhost'.

So debug your grants and allow snort to login from 'localhost'.

/Elof

On Tue, 2 Oct 2012, AllowOverride wrote:

> i can connect locally with mysql -u snort -p no problem.
> mysql -u snort -p
> Enter password:
> Welcome to the MySQL monitor.  Commands end with ; or \g.
> Your MySQL connection id is 87
> Server version: 5.5.24-0ubuntu0.12.04.1 (Ubuntu)
> ~~~
> mysql>
>
>
> when i launch barnyard2 i get this error:
>
>
> Oct  2 21:34:40 jupiter barnyard2[11630]: Running in Continuous mode
> Oct  2 21:34:40 jupiter barnyard2[11630]:
> Oct  2 21:34:40 jupiter barnyard2[11630]:         --== Initializing
> Barnyard2 ==--
> Oct  2 21:34:40 jupiter barnyard2[11630]: Initializing Input Plugins!
> Oct  2 21:34:40 jupiter barnyard2[11630]: Initializing Output Plugins!
> Oct  2 21:34:40 jupiter barnyard2[11630]: Parsing config file
> "/etc/snort/etc/barnyard2.conf"
>
>
> Oct  2 21:35:02 jupiter barnyard2[11630]: Log directory
> = /var/log/barnyard2
> Oct  2 21:35:02 jupiter barnyard2[11630]: Initializing daemon mode
> Oct  2 21:35:02 jupiter barnyard2[11837]: Daemon initialized, signaled
> parent pid: 11630
> Oct  2 21:35:02 jupiter barnyard2[11837]: PID path stat checked out ok,
> PID path set to /var/run/
> Oct  2 21:35:02 jupiter barnyard2[11837]: Writing PID "11837" to file
> "/var/run//barnyard2_eth0.pid"
> Oct  2 21:35:02 jupiter barnyard2[11630]: Daemon parent exiting
> Oct  2 21:35:02 jupiter barnyard2[11837]: FATAL ERROR: database:
> mysql_error: Access denied for user 'snort'@'localhost' (using password:
> YES)
>
> snort is run like this:
> /usr/local/bin/snort -q -u snort -g snort -c /etc/snort/etc/snort.conf
> -i eth0 &
>
> barnyard2 is run like this:
> /usr/local/bin/barnyard2 -c /etc/snort/etc/barnyard2.conf
> -d /var/log/snort -f snort.log -w /var/log/snort/barnyard2.waldo -D &
>
>
> any suggestions?
>
>
>
> ------------------------------------------------------------------------------
> Don't let slow site performance ruin your business. Deploy New Relic APM
> Deploy New Relic app performance management and know exactly
> what is happening inside your Ruby, Python, PHP, Java, and .NET app
> Try New Relic at no cost today and get our sweet Data Nerd shirt too!
> http://p.sf.net/sfu/newrelic-dev2dev
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>
> Please visit http://blog.snort.org to stay current on all the latest Snort news!
>




More information about the Snort-users mailing list