[Snort-users] [barnyard2-users] Fatal error after upgrading barnyard2

Miguel Alvarez miguellvrz9 at ...11827...
Sat Sep 29 11:03:12 EDT 2012


Hi Eric,

On Sat, Sep 29, 2012 at 4:28 PM, beenph <beenph at ...11827...> wrote:
> On Sat, Sep 29, 2012 at 2:43 AM, Miguel Alvarez <miguellvrz9 at ...11827...> wrote:
>> Good morning,
>>
>> I upgraded barnyard2 earlier this week to the 1.10 final from beta2
>> (thank you, elz!) and realized that some of my by2 processes had died.
>>  Looking in the logs, I see these from the MySQL output plugin for my
>> Snorby instance:
>>
>> Sep 29 03:27:49 nids12 barnyard2[18511]: FATAL ERROR: database
>> mysql_error: Duplicate entry '16-78634' for key 'PRIMARY'
>
> Is this error message complete? It seem's like the table name is missing.
> And this would help to diagnossis what could have heppened.

Yes, that's the complete message, there is no table name given in the log.

>> I tried removing all existing logs files in case waldo was getting
>> lost and trying to re-insert already sent records but that didn't seem
>> to be it.  What can I do to resolve this problem?
>
> How you by2 config file look like?

config utc
config reference_file:      /etc/snort/reference.config
config classification_file: /etc/snort/classification.config
config gen_file:            /etc/snort/gen-msg.map
config sid_file:            /etc/snort/sid-msg.map
config daemon
config set_gid: 500
config set_uid: 500
config umask: 066
config verbose
config reference_net: 10.0.0.0/8
input unified2
output alert_fast: alert
output database: log, mysql, user=x password=x dbname=x host=x.x.x.x
sensor_name=x

Thank you!

MA




More information about the Snort-users mailing list