[Snort-users] Baryard2 error

basant subba basantsubba at ...11827...
Tue May 13 00:11:24 EDT 2014


Thank you Jeremy for your help. BY2 is working now and its logging data
from U2 file to mysql database. However now I want to list the contents of
mysql database using BASE. How do I do that? Is there any manual for BASE
installation? Once again thank you for your help.


On Tue, May 13, 2014 at 1:59 AM, Jeremy Hoel <jthoel at ...11827...> wrote:

> The error is not related to the ouput but to the compilation of BY2.  You
> are doing it from source yes?  You have the proper libraries and headers
> installed and when you compile, are there any errors?
>
> Where are you getting the source from?  My folder was called
> barnyard2-master because that was the tgz I had grabbed at the time.  The
> autogen should by in whatever folder gets created when you extract the
> zip/tarball.
>
>
>
>
>
> On Mon, May 12, 2014 at 11:15 AM, basant subba <basantsubba at ...11827...>wrote:
>
>> Hi Juan I have compiled my baryard2 with './configure --with-mysql'
>> command as recommended in many of the posts. But I am still getting the
>> same error. If you have a working barnyard2.conf file that works with mysql
>> can you please post it in the mailing list or mail me personally? And
>>  thank you for your reply.
>>
>>
>> On Mon, May 12, 2014 at 8:08 PM, Juan Jesus Prieto <
>> jjprieto at ...16842...> wrote:
>>
>>>  Hi Basant,
>>>
>>>   snort does not need to have mysql support, snort write at topspeed to
>>> unified2 file and barnyard2 will keep open this file to read packets and
>>> events information in u2 format and relay it via output plugin like mysql,
>>> syslog, etc. I suppose the error is from your barnyard2 installation.
>>>
>>> Regards.
>>>
>>> El 12/05/14 15:18, basant subba escribió:
>>>
>>> Hello snort users. When I am trying run barnyard to process my unified2
>>> output alerts, I am getting this error.
>>>
>>>  *database: 'mysql' support is not compiled into this build of snort*
>>>
>>>  *ERROR: If this build of snort was obtained as a binary distribution
>>> (e.g., rpm,*
>>> *or Windows), then check for alternate builds that contains the
>>> necessary*
>>> *'mysql' support.*
>>>
>>>  *The error is self explanatory in the sense that my installed version
>>> of snort doesn't support mqsql. My query is how do I rebuild my snort so
>>> that it supports mysql without removing the installed version?*
>>>
>>>
>>>
>>> ------------------------------------------------------------------------------
>>> "Accelerate Dev Cycles with Automated Cross-Browser Testing - For FREE
>>> Instantly run your Selenium tests across 300+ browser/OS combos.
>>> Get unparalleled scalability from the best Selenium testing platform available
>>> Simple to use. Nothing to install. Get started now for free."http://p.sf.net/sfu/SauceLabs
>>>
>>>
>>>
>>> _______________________________________________
>>> Snort-users mailing listSnort-users at lists.sourceforge.net
>>> Go to this URL to change user options or unsubscribe:https://lists.sourceforge.net/lists/listinfo/snort-users
>>> Snort-users list archive:http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users
>>>
>>> Please visit http://blog.snort.org to stay current on all the latest Snort news!
>>>
>>>
>>>
>>>
>>> ------------------------------------------------------------------------------
>>> "Accelerate Dev Cycles with Automated Cross-Browser Testing - For FREE
>>> Instantly run your Selenium tests across 300+ browser/OS combos.
>>> Get unparalleled scalability from the best Selenium testing platform
>>> available
>>> Simple to use. Nothing to install. Get started now for free."
>>> http://p.sf.net/sfu/SauceLabs
>>> _______________________________________________
>>> Snort-users mailing list
>>> Snort-users at lists.sourceforge.net
>>> Go to this URL to change user options or unsubscribe:
>>> https://lists.sourceforge.net/lists/listinfo/snort-users
>>> Snort-users list archive:
>>> http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users
>>>
>>> Please visit http://blog.snort.org to stay current on all the latest
>>> Snort news!
>>>
>>
>>
>>
>> ------------------------------------------------------------------------------
>> "Accelerate Dev Cycles with Automated Cross-Browser Testing - For FREE
>> Instantly run your Selenium tests across 300+ browser/OS combos.
>> Get unparalleled scalability from the best Selenium testing platform
>> available
>> Simple to use. Nothing to install. Get started now for free."
>> http://p.sf.net/sfu/SauceLabs
>> _______________________________________________
>> Snort-users mailing list
>> Snort-users at lists.sourceforge.net
>> Go to this URL to change user options or unsubscribe:
>> https://lists.sourceforge.net/lists/listinfo/snort-users
>> Snort-users list archive:
>> http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users
>>
>> Please visit http://blog.snort.org to stay current on all the latest
>> Snort news!
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20140513/17254f2c/attachment.html>


More information about the Snort-users mailing list