[Snort-users] Snort u2 output with vlan_event_type not supported by barnyard2?

beenph beenph at ...11827...
Tue Jun 18 00:00:25 EDT 2013


On Mon, Jun 17, 2013 at 2:05 PM, Agus <agus.262 at ...11827...> wrote:
> Hi guys,
>
Hi Agus,

> When configuring output u2 with clan_event_type, it seems that barnyard
> doesn't output at all. When i remove it, it starts logging. Anyone is using
> B2 with vlan?
>

UNIFIED2_IDS_EVENT_VLAN , type 104 and
UNIFIED2_IDS_EVENT_MPLS,  type 99

Are parsed from the unified2 file but will not be sent to output plugins.

Expect full logging support in barnyard2 2.2.

In the meantime its not had to adapt current code to log those event
type with or without
the vlan information, if you need assistance or pointed to do so, do
not hesitate to mail
barnyard2-devel at ...16410...

Cheers,
-elz




More information about the Snort-users mailing list