From: Andrew R. Baker (andrewbsnort.org)
Date: Sat Apr 03 2004 - 17:40:11 CST

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Michael Miller wrote:
> I had everything up and running smoothly but ran into a snag when trying
> to configure barnyard for a second sensor. Left with a database that had
> an extra 500,000 events I couldn’t see, I dropped and recreated the
> database with the scripts from the controb folder in snort 2.1.0.
>
>
>
> Now barnyard sees new logs, says it imports them, and ACID’s Total
> Events log climbs, but when I press Update Alert Cache, no alerts get
> added to the cache.

What is the configuration line you are using for Barnyard? If you have
specified the sensor_id option, did you create an entry in the sensor
table for it?

-A

-------------------------------------------------------
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id70&alloc_id638&opick
_______________________________________________
Snort-users mailing list
Snort-userslists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]