[Snort-users] Lets talk about ....

AllowOverride allowoverride at ...11827...
Mon Oct 8 18:28:34 EDT 2012


next topic, revisited:

u2spewfoo snort.log.1349734894 
get_record: (2) Failed to read all of record data.
	Read 14476 of 33555456 bytes

why?

i run snort/barnyard2 this way: should i change?

/usr/local/bin/snort -A fast -c /etc/snort/etc/snort.conf -i eth0 &
/usr/local/bin/barnyard2 -c /etc/snort/etc/barnyard2.conf
-d /var/log/snort -f snort.log -w /var/log/snort/barnyard2.waldo

i used the corrections you provided in last email(s).
snort is logging properly, no errors, just Warnings, i fixed the
whitelist sorta, but does not error out, and 3 ip's were loaded,

i think snort is logging NOT to unified2 format properly, since
u2spewfoo gives that error,which could explain why my DB is not
inputing data to mysql db using schemas/mysql_create. make sense?
advise,,, thanks...

ps Mr. Bates is definitely community thus far ;)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20121008/b067a810/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: face-wink.png
Type: image/png
Size: 876 bytes
Desc: not available
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20121008/b067a810/attachment.png>
-------------- next part --------------
An embedded message was scrubbed...
From: Peter Bates <peter.bates at ...15381...>
Subject: Re: [Snort-users] Lets talk about ....
Date: Mon, 8 Oct 2012 10:06:17 +0100
Size: 6615
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20121008/b067a810/attachment.mht>


More information about the Snort-users mailing list