[Snort-users] BASE

Ryan ryan95842 at gmail.com
Wed Sep 19 17:11:27 EDT 2018


Assuming your os is linux:

make sure barnyard2 is running...it often will not start because it
requires mysql to start first. Check 'service barnyard2 status'

Also make sure it has read access to the snort logs and they are in
unified2 format (snort.u2.xxxxx). This may require starting snort and
barnyard2 as '-u snort -g snort' in the start script so they don't run as
root...also make sure the '/var/logs/snort/archived_logs' is created...

if you followed all the tutorials that I did, you will probably hit the
above snags...the rest depends on your infrastructure and ability to 'see'
the traffic (switch vs vmware, etc)



On Wed, Sep 19, 2018 at 1:48 PM Jean Michel Tangué via Snort-users <
snort-users at lists.snort.org> wrote:

> I finish the installation of snort but when he send any attack BASE don't
> detect him. Any help ? Its very important to resolv it quickly
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.snort.org
> Go to this URL to change user options or unsubscribe:
> https://lists.snort.org/mailman/listinfo/snort-users
>
>         To unsubscribe, send an email to:
>         snort-users-leave at lists.snort.org
>
> Please visit http://blog.snort.org to stay current on all the latest
> Snort news!
>
> Please follow these rules:
> https://snort.org/faq/what-is-the-mailing-list-etiquette
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20180919/b1bc25c5/attachment.html>


More information about the Snort-users mailing list