[Snort-users] Barnyard2 error

Abid Ayoub abid.ayoub at ...11827...
Wed Jul 24 10:39:35 EDT 2013


Hi,

i did´t understand what what do you mean exactly
but , if you mean that i am runnung snort or barnyard2 on background , the
answer is no.

Abid


2013/7/24 beenph <beenph at ...11827...>

> On Wed, Jul 24, 2013 at 10:15 AM, Abid Ayoub <abid.ayoub at ...11827...> wrote:
> > Hello,
> >
> > when i run the "barnyard2" with the next command:
> >
> > /usr/local/bin/barnyard2 -c /usr/local/snort/etc/barnyard2.conf -d
> > /var/log/snort -f snort.u2 -w /var/log/snort/barnyard2.waldo
> >
> > I got:
> >
> > Running in Continuous mode
> >         --== Initializing Barnyard2 ==--
> > Initializing Input Plugins!
> > Initializing Output Plugins!
> > Parsing config file "/usr/local/snort/etc/barnyard2.conf"
> >
> > +[ Signature Suppress list ]+
> > ----------------------------
> > +[No entry in Signature Suppress List]+
> > ----------------------------
> > +[ Signature Suppress list ]+
> > Barnyard2 spooler: Event cache size set to [2048]
> > Log directory = /var/log/barnyard2
> > INFO database: Defaulting Reconnect/Transaction Error limit to 10
> > INFO database: Defaulting Reconnect sleep time to 5 second
> > [SignatureReferencePullDataStore()]: No Reference found in database ...
> > database: compiled support for (mysql)
> > database: configured to use mysql
> > database: schema version = 107
> > database:           host = localhost
> > database:           user = root
> > database:  database name = snort
> > database:    sensor name = localhost:eth1
> > database:      sensor id = 1
> > database:     sensor cid = 1
> > database:  data encoding = hex
> > database:   detail level = full
> > database:     ignore_bpf = no
> > database: using the "log" facility
> >         --== Initialization Complete ==--
> >   ______   -*> Barnyard2 <*-
> >  / ,,_  \  Version 2.1.13 (Build 327)
> >  |o"  )~|  By Ian Firns (SecurixLive): http://www.securixlive.com/
> >  + '''' +  (C) Copyright 2008-2013 Ian Firns <firnsy at ...14568...>
> > WARNING: Ignoring corrupt/truncated waldofile
> > '/var/log/snort/barnyard2.waldo'
> > Waiting for new spool file
> >
> > So, how can i solve this problem ? any idea ?
> >
> Hi Abid,
>
> Seen's to be running fine at this point? You have an issue?
>
> -elz
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20130724/5de2ff28/attachment.html>


More information about the Snort-users mailing list