Home page logo

snort logo Snort mailing list archives

Re: unified2 processing
From: firnsy <firnsy () securixlive com>
Date: Thu, 25 Nov 2010 21:43:48 +1100

On Thu, 2010-11-25 at 11:31 +0530, Pradeep Lamabam wrote:
I am processing snort unified2 files using barnyard2-1.8 in batch
mode. The following command works for a single unified2 file but
unable to process more than one file.

barnyard2 -c /etc/snort/barnyard2.conf -l /var/log/snort -o
snort.u2.1289721101 -o snort.u2.1289776993

The above command results in the following msgs which i assume
processes only the first file and not both

Opened spool file 'snort.u2.1289721101'
Closing spool file 'snort.u2.1289721101'. Read 10477 records
Opened spool file 'snort.u2.1289776993'
Closing spool file 'snort.u2.1289776993'. Read 0 records

Would appreciate any suggestions regarding the processing of multiple
unified2 files in batch mode!!

G'day Pradeep,

This is a bug, it has been fixed in our git which is available over at:


Let me know if you have any further troubles.



Attachment: signature.asc
Description: This is a digitally signed message part

Increase Visibility of Your 3D Game App & Earn a Chance To Win $500!
Tap into the largest installed PC base & get more eyes on your game by
optimizing for Intel(R) Graphics Technology. Get started today with the
Intel(R) Software Partner Program. Five $500 cash prizes are up for grabs.
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
Snort-users list archive:

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]