[Oisf-devel] Unified2 / MySQL

Rich Rumble richrumble at gmail.com
Tue Jan 5 02:16:10 UTC 2010


On Mon, Jan 4, 2010 at 7:40 PM, firnsy <firnsy at securixlive.com> wrote:
> Gents,
>
> That's an easy one. The "-f" parameter requires the filename up to the
> last period preceding the timestamp. So for your case Rich the correct
> "-f" usage would be:
>
> barnyard2 -c /usr/local/etc/barnyard2.conf -v -d /var/log/suricata/ -f
> unified2.alert -w /var/log/suricata/book.mark

Good on ya! That was it, sorry if I missed it in the documentation.
Something is wrong with my BASE install; moving on to that now :)
-rich
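The naming rule firnsy describes (barnyard2's "-f" takes the spool base name, and the daemon itself appends the numeric timestamp) is easy to get wrong when copying a filename out of a directory listing. The following is an added example, not code from the thread or from barnyard2: it derives the base name from a spool file, lists the files barnyard2 would walk for a given "-d"/"-f" pair, and flags a "-f" value that still carries the timestamp. The directory contents are constructed; the helper names and the spool directory are assumptions.

```python
import os
import re
import tempfile

# Constructed sample spool directory listing, roughly what /var/log/suricata/
# looks like after a few rotations (names are assumed, not from the thread).
SAMPLE_SPOOL = [
    "unified2.alert.1262646110",
    "unified2.alert.1262649710",
    "unified2.alert.1262653310",
    "book.mark",       # barnyard2 bookmark file, not a spool file
    "suricata.log",    # plain text log, not a spool file
]

def make_sample_spool():
    """Create a temporary directory holding the constructed sample files."""
    directory = tempfile.mkdtemp(prefix="u2spool-")
    for name in SAMPLE_SPOOL:
        open(os.path.join(directory, name), "wb").close()
    return directory

def spool_base(filename):
    """The barnyard2 '-f' base name: everything up to the last period that
    precedes the numeric timestamp, or None if the name has no timestamp."""
    m = re.fullmatch(r"(.+)\.(\d+)", filename)
    return m.group(1) if m else None

def find_spool_files(directory, base):
    """Files named <base>.<timestamp> in directory, oldest first, which is
    the set barnyard2 walks through when given '-d directory -f base'."""
    pattern = re.compile(re.escape(base) + r"\.(\d+)")
    found = []
    for name in os.listdir(directory):
        m = pattern.fullmatch(name)
        if m:
            found.append((int(m.group(1)), name))
    return [name for _, name in sorted(found)]

def check_f_argument(directory, f_value):
    """Validate a proposed '-f' value before starting barnyard2.
    Returns (ok, message); flags the mistake of passing a full filename."""
    files = find_spool_files(directory, f_value)
    if files:
        return True, "%d spool file(s) found, oldest is %s" % (len(files), files[0])
    base = spool_base(f_value)
    if base is not None and find_spool_files(directory, base):
        return False, "'-f %s' includes the timestamp; use '-f %s'" % (f_value, base)
    return False, "no files matching %s.<timestamp> in %s" % (f_value, directory)
```

Running `check_f_argument(make_sample_spool(), "unified2.alert.1262646110")` reproduces the mistake from the thread and points at `-f unified2.alert` instead.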
