[Snort-users] Fwd: Re: barnyard2-1.10 major problem

Lawrence R. Hughes, Sr. lhughes at ...14822...
Thu Oct 25 10:53:42 EDT 2012


Yes, I stopped barnyard2, deleted all events from database, deleted 
snort.waldo file, next restarted snort & barnyard2

I attached barnyard2.conf file

Thanks,
Larry
----- Original Message ----- 
From: "beenph" <beenph at ...11827...>
To: "Lawrence R. Hughes, Sr." <lhughes at ...14822...>
Cc: <barnyard2-users at ...14071...>; "snort-users" 
<snort-users at lists.sourceforge.net>
Sent: Thursday, October 25, 2012 10:34 AM
Subject: Re: [Snort-users] Fwd: Re: barnyard2-1.10 major problem


> On Thu, Oct 25, 2012 at 10:25 AM, Lawrence R. Hughes, Sr.
> <lhughes at ...14822...> wrote:
>> Beenph,
>>
>> Running the command line you suggested using that file, the results were 
>> one
>> (1) event with the first packet from unified2 file.
>> Barnyard2 did not insert the second packet of the same event into the
>> snort.data table.
>>
>
> can you send me your barnyard2.conf without database login information?
>
> And before running with --alert-on-each-packet-in-stream for testing ,
> did you delete your waldo file?
>
> -elz
> 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: barnyard2.conf
Type: application/octet-stream
Size: 8205 bytes
Desc: not available
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20121025/38523a7f/attachment.obj>


More information about the Snort-users mailing list