[Snort-users] Barnyard2 issue: can't extract timestamp extention from 'snort.u2.1484091351'using base 'snort.u2.1484091351'

changliu cchliu at ...17727...
Tue Jan 10 18:46:46 EST 2017

Hi, all,

I am trying to use barnyard2 in snort output analysis. I am using Barnyard2
2-1.14 and Snort version

I followed the instruction here:

In the snort.conf, I specified:
output unified2: filename snort.u2, limit 128

And after running snort, snort.u2.xxxxxxxxxx is generated in the

However, when I am running Barnyard2 to process the events in

It keeps printing out these error messages:
WARNING: Can't extract timestamp extension from 'snort.u2.1484091351'using
base 'snort.u2.1484091351'

Can somebody shed light on this problem?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20170110/e8c63b4e/attachment.html>

More information about the Snort-users mailing list