Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Error Barnyard2.conf

From: AllowOverride <allowoverride () gmail com>
Date: Wed, 03 Oct 2012 08:10:32 -0700
hey hi there firnsy, first of all thanks for all your hard work on
barnyard2, pretty nifty.

ok, if you are referring to output plugins, the only things i have
modified/added in barnyard2.conf are:

        i just added correct path for my build: /etc/snort/etc

config reference_file:      /etc/snort/etc/reference.config
config classification_file: /etc/snort/etc/classification.config
config gen_file:            /etc/snort/etc/gen-msg.map
config sid_file:                /etc/snort/etc/sid-msg.map

        little confused on syntax here

#output alert_fast: stdout
output alert_fast

        and finally,

config hostname: localhost
config interface: eth0
output database: log, mysql user=snort password='hidden' dbname=snort
host=localhost

i am following the howtos, and they are stating, change these. however,
im confused about unified2 output or input syntax.

suggestions?

also, what am i missing you need?
thanks!



On Wed, 2012-10-03 at 19:47 +1000, firnsy wrote:

On Wed, 2012-10-03 at 01:05 -0700, AllowOverride wrote:

why are you pointing me to a man page or webpage??

use mysql; select * from db; is correct
select * from user; is correct

if you dont know, dont answer, but do NOT point me to a webpage when im
following exactly with cut/paste from all the snort/barnyard2 howtos
with the same exact syntax.

anyone else?



What are the "output" directives in your barnyard2.conf? 

Specifically, I'm interested in what you've specified for the host
portion.


open to suggestions, not man pages. 

thanks




----8< snip >8----




------------------------------------------------------------------------------
Don't let slow site performance ruin your business. Deploy New Relic APM
Deploy New Relic app performance management and know exactly
what is happening inside your Ruby, Python, PHP, Java, and .NET app
Try New Relic at no cost today and get our sweet Data Nerd shirt too!
http://p.sf.net/sfu/newrelic-dev2dev
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Previous By Date Next
Previous By Thread Next

Current thread: