[Snort-users] Barnyard2 launching problem

Abdullah AL-Mutairy abohabeeb1412 at ...11827...
Wed Feb 22 18:13:39 EST 2017


Update:
I found a full simple guide to install snort, barnyard, and MySQL.
Check it out:
https://s3.amazonaws.com/snort-org-site/production/document_files/files/000/000/122/original/Snort_2.9.9.x_on_Ubuntu_14-16.pdf?AWSAccessKeyId=AKIAIXACIED2SPMSC7GA&Expires=1487807797&Signature=SUNyvMC8J1YtYENKv%2Fz%2BPViSkEs%3D

Best guide i've seen so far!

Thanks 


. . . . . 

> On Feb 22, 2017, at 3:42 AM, Marcin Dulak <marcin.dulak at ...11827...> wrote:
> 
> 
> 
>> On Wed, Feb 22, 2017 at 12:46 AM, Abdullah AL-Mutairy <abohabeeb1412 at ...979...11827...> wrote:
>> 
>> Hello everyone ..
>> 
>> I've been trying to make snort work with MySQL for almost a month
> 
> the old tools like barnyard2, snorby, sguil etc. are no longer maintained.
> Maybe try https://securityonion.net/
>  
>> but i keep getting errors in each step > look for a solution then bypass the problem.
>> 
>> I'm following this guid here: http://computer-outlines.over-blog.com/article-nids-snort-barnyard2-apache2-base-with-ubuntu-14-04-lts-123532107.html
>> 
>> And now i'm stuck at "launching barnyard2" step! When i do the command:
> 
> where barnyard2 has been installed?
> which barnyard2
>  
>> sudo /usr/local/bin/barnyard2 -c /etc/snort/barnyard2.conf -d /var/log/snort -f snort.log -w /var/log/barnyard2/bylog.waldo -C /etc/snort/classification.config
>> 
>> I get an error because /usr/local/bin/ is empty.
>> 
>> The guid is good and clear but i have a feeling that it might be missing some small parts like DAQ package,  is that right?
>> 
>> All i wanted is to read the snort logs!
> 
> barnyard is not needed for reading the logs. Assuming you have unified2 log https://github.com/jasonish/py-idstools will do, see http://seclists.org/snort/2017/q1/11
> 
> Marcin
>  
>> But couldn't make it work!
>> 
>> Please help me >_<
>> 
>> Your help is much appreciated 
>> . . . . . 
>> 
>> ------------------------------------------------------------------------------
>> Check out the vibrant tech community on one of the world's most
>> engaging tech sites, SlashDot.org! http://sdm.link/slashdot
>> _______________________________________________
>> Snort-users mailing list
>> Snort-users at lists.sourceforge.net
>> Go to this URL to change user options or unsubscribe:
>> https://lists.sourceforge.net/lists/listinfo/snort-users
>> Snort-users list archive:
>> http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users
>> 
>> Please visit http://blog.snort.org to stay current on all the latest Snort news!
> 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20170223/244d82c0/attachment.html>


More information about the Snort-users mailing list