[Snort-users] barnyard help

Doug Metz dwmetz at ...11827...
Thu Jun 20 16:46:52 EDT 2013


I've recently gotten a few of our snort sensors upgraded (re-installed) to
v 2.9.4.

Snort itself tests fine

./snort -T -i eth0 -u snort -g snort -c /etc/snort/snort.conf

Barnyard tests fine

barnyard2 -c /etc/barnyard2.conf -d /var/log/snort -f merged.log -T


I see the file sizes for alert and snort.x logs incrementing.

Problem is that I don't see any events passing to the snort database.


Your assistance in troubleshooting is greatly appreciated.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20130620/9160e6fc/attachment.html>


More information about the Snort-users mailing list