[Snort-users] @barnyard error

anagha b banagha3 at ...11827...
Mon Sep 2 04:41:57 EDT 2013


Hi,

My Snort is running and I configured snort.conf with unified2 output as given
in the documentation for Ubuntu and Snort.

The file /var/log/snort/snort.u2.1378110976 gets created, but when I run
barnyard I get the following error.



Snort output:

Packet I/O Totals:
   Received:        10981
   Analyzed:        10981 (100.000%)
    Dropped:            0 (  0.000%)
   Filtered:            0 (  0.000%)
Outstanding:            0 (  0.000%)
   Injected:            0
===============================================================================
Breakdown by protocol (includes rebuilt packets):
        Eth:        11011 (100.000%)
       VLAN:            1 (  0.009%)
        IP4:        10919 ( 99.164%)
       Frag:            0 (  0.000%)
       ICMP:            6 (  0.054%)
        UDP:          274 (  2.488%)




/usr/local/bin/barnyard2 -c /srv/snort/etc/barnyard2.conf

Running in Continuous mode

        --== Initializing Barnyard2 ==--
Initializing Input Plugins!
Initializing Output Plugins!
Parsing config file "/srv/snort/etc/barnyard2.conf"


+[ Signature Suppress list ]+
----------------------------
+[No entry in Signature Suppress List]+
----------------------------
+[ Signature Suppress list ]+

Barnyard2 spooler: Event cache size set to [2048]
Log directory = /var/log/barnyard2
INFO database: Defaulting Reconnect/Transaction Error limit to 10
INFO database: Defaulting Reconnect sleep time to 5 second
[SignatureReferencePullDataStore()]: No Reference found in database ...
database: compiled support for (mysql)
database: configured to use mysql
database: schema version = 107
database:           host = localhost
database:           user = root
database:  database name = snort
database:    sensor name = localhost:eth0
database:      sensor id = 1
database:     sensor cid = 12
database:  data encoding = hex
database:   detail level = full
database:     ignore_bpf = no
database: using the "log" facility

        --== Initialization Complete ==--

  ______   -*> Barnyard2 <*-
 / ,,_  \  Version 2.1.13 (Build 327)
 |o"  )~|  By Ian Firns (SecurixLive): http://www.securixlive.com/
 + '''' +  (C) Copyright 2008-2013 Ian Firns <firnsy at ...14568...>

ERROR: Unable to open directory '' (No such file or directory)
ERROR: Unable to find the next spool file!
===============================================================================
Record Totals:
   Records:           0
   Events:           0 (0.000%)
   Packets:           0 (0.000%)
   Unknown:           0 (0.000%)
   Suppressed:           0 (0.000%)
===============================================================================

I checked that all the files and directories are set to root user and root group.

The group has r and exe access, so why this "no such file and dir" error?


Please help.