Re: [Snort-users] More ACID BASE Help

From: Shaun Marlin (shaun.marlincanalta.com)
Date: Thu May 16 2013 - 14:24:42 CDT


Well, I managed to find the barnyard2.conf, but now I seem to be having an issue when I try the following commands:

# /usr/local/bin/snort -q -u snort -g snort -c /etc/snort/snort.conf -i eth0 &
# /usr/local/bin/barnyard2 -c /etc/snort/barnyard2.conf -d /var/log/snort -f snort.log -w /etc/snort/bylog.waldo -G /etc/snort/gen-msg.map -S /etc/snort/sid-msg.map -C /etc/snort/classification.config &

When I run the second command, I get this error:

rootSENTRY:/usr/src/barnyard2-master/schemas# /usr/local/bin/barnyard2 -c /etc/snort/barnyard2.conf -d /var/log/snort -f snort.log -w /etc/snort/bylog.waldo -G /etc/snort/gen-msg.map -S /etc/snort/sid-msg.map -C /etc/snort/classification.config &
[2] 7694
rootSENTRY:/usr/src/barnyard2-master/schemas# -bash: /usr/local/bin/barnyard2: No such file or directory

I looked for the /usr/local/barnyard2 directory, but there is nothing there.

Thanks
-Shaun
--
 Shaun Marlin
 Network Administrator
 Canalta
 Phone: (403) 820-3865
 Cell: (403) 334-1313
 shaun.marlincanalta.com

-----Original Message-----
From: beenph [mailto:beenphgmail.com]
Sent: Wednesday, May 15, 2013 9:56 PM
To: Shaun Marlin; barnyard2-usersgooglegroups.com; snort-userslists.sourceforge.net
Subject: Re: [Snort-users] More ACID BASE Help

On Wed, May 15, 2013 at 10:21 PM, Shaun Marlin <shaun.marlincanalta.com> wrote:
>
> Hi there again,
>
> So I was directed to use this document http://s3.amazonaws.com/snort-org/www/assets/167/deb_snort_howto.pdf, which to its credit has worked well so far. Right now I am stumped on this section.
>
>
> 4. Install & configure Barnyard2
>
> # cd /usr/src && wget https://github.com/firnsy/barnyard2/archive/master.tar.gz
>
> # tar -zxf master.tar.gz && cd barnyard2-*
>
> # autoreconf -fvi -I ./m4 && ./configure --with-mysql && make && make install
>
> # mv /usr/local/etc/barnyard2.conf /etc/snort
>
> # cp schemas/create_mysql /usr/src
>

Hi Shaun,
By default you should find barnyard2.conf in /usr/local/etc

Cheers,
-elz
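
A pre-flight check for the barnyard2 command line quoted in the reply at the top of this thread, as an added example that is not part of the original messages or of the barnyard2 project. `preflight` and `report` are hypothetical helper names; the option meanings are read off the command in the thread, and checking only the parent directory for `-w` is an assumption.

```shell
#!/bin/sh
# Added example (not from the thread): check every path on a barnyard2
# command line before the process is backgrounded with '&'.
problems=0
report() { echo "MISSING $1"; problems=$((problems + 1)); }

preflight() {
    problems=0
    bin=$1; shift
    # 'make install' is the last link of the howto's '&&' chain, so a missing
    # binary usually means an earlier step (autoreconf, configure, make) failed.
    [ -x "$bin" ] || report "binary: $bin (re-run the build steps one at a time)"
    while [ "$#" -gt 0 ]; do
        opt=$1; val=${2-}; shift
        case $opt in
            # configuration and map files must be readable
            -c|-G|-S|-C) [ -r "$val" ] || report "file for $opt: $val" ;;
            # spool directory must exist
            -d) [ -d "$val" ] || report "directory for -d: $val" ;;
            # assumption: the waldo file may not exist yet, so only its
            # parent directory is checked
            -w) [ -d "$(dirname "$val")" ] || report "parent directory for -w: $val" ;;
            -f) ;;            # base name of the spool files, nothing to check
            *) continue ;;    # flag without a value
        esac
        [ "$#" -gt 0 ] && shift
    done
    return "$problems"        # exit status = number of missing items
}

# Usage: sh preflight.sh /usr/local/bin/barnyard2 -c /etc/snort/barnyard2.conf ...
if [ "$#" -gt 0 ]; then preflight "$@"; fi
```

A non-zero status gives the number of missing items; a missing binary is reported first, which is the condition behind the "No such file or directory" error above.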
