[Oisf-users] Suri-GUI

Will Metcalf william.metcalf at gmail.com
Thu Jul 8 12:07:16 UTC 2010


unified1 logs are disabled by default; have you enabled them in your
suricata.yaml file?  Also, you need to change the -f snort.log to be -f
unified.log. As an FYI, you should look at unified2/barnyard2 if you
are doing a fresh install.

  - unified-log:
      enabled: yes
      filename: unified.log

  - unified-alert:
      enabled: yes
      filename: unified.alert

Regards,

Will

On Thu, Jul 8, 2010 at 6:36 AM, Anas.B <a.bouhsaina at gmail.com> wrote:
> Hello everyone,
>
> I've installed mysql, created the database, with snort schemas (tables),
> also Barnyard,
>
>
> in barnyard.conf :
> I've replaced these lines :
>
> config hostname: debian
> config interface: eth0
> output log_acid_db: mysql, database snort, server localhost, user root,
> password mysnortpassword, detail full
>
> But to launch Barnyard
> I changed the command (snort) from this :
>
> # /usr/local/bin/barnyard \
> -c /etc/snort/barnyard.conf \
> -g /etc/snort/gen-msg.map \
> -s /etc/snort/sid-msg.map \
> -d /var/log/snort \
> -f snort.log \
> -w /etc/snort/barnyard.waldo &
>
> to this
>
> # /usr/local/bin/barnyard  -c /etc/suricata/barnyard.conf -d
> /var/log/suricata &
>
> But it doesn't work :s
>
> Can you help me,
>
> Regards.
> Anas
>


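Added example, not part of the original thread and not Suricata or Barnyard code: a small consistency check for the two points raised in the reply, that the unified-log output is enabled in suricata.yaml and that barnyard's -f base name matches its filename. The function names, the line-based parser and the sample inputs are assumptions constructed for illustration.

```python
import re
import shlex

# Constructed sample: the output entries shown in the reply, under an outputs: list.
SAMPLE_YAML = """\
outputs:
  - unified-log:
      enabled: yes
      filename: unified.log
  - unified-alert:
      enabled: yes
      filename: unified.alert
"""
# The shortened command from the quoted post (no -f given).
POSTED_CMD = "/usr/local/bin/barnyard -c /etc/suricata/barnyard.conf -d /var/log/suricata"

def unified_outputs(yaml_text):
    """Return {name: {key: value}} for each '- unified-*:' block (hypothetical helper)."""
    outputs, current = {}, None
    for raw in yaml_text.splitlines():
        line = raw.split("#", 1)[0].rstrip()      # drop comments
        if not line.strip():
            continue
        head = re.match(r"\s*-\s*(unified[\w-]*):\s*$", line)
        if head:
            current = outputs.setdefault(head.group(1), {})
            continue
        kv = re.match(r"\s+([\w-]+):\s*(\S.*)$", line)
        if kv and current is not None:
            current[kv.group(1)] = kv.group(2).strip()
        else:
            current = None                        # left the unified-* block
    return outputs

def check_barnyard(yaml_text, command):
    """List mismatches between the unified-log output and barnyard's -d/-f options."""
    argv = shlex.split(command)
    opts = {a: argv[i + 1] for i, a in enumerate(argv[:-1]) if a in ("-d", "-f")}
    log = unified_outputs(yaml_text).get("unified-log", {})
    problems = []
    if log.get("enabled") != "yes":
        problems.append("unified-log is not enabled in suricata.yaml")
    if "-f" not in opts:
        problems.append("barnyard has no -f base filename")
    elif opts["-f"] != log.get("filename"):
        problems.append("-f %s does not match filename %s" % (opts["-f"], log.get("filename")))
    if "-d" not in opts:
        problems.append("barnyard has no -d spool directory")
    return problems
```

Run against the command from the quoted post, the check reports the missing -f; with -f snort.log it reports the mismatch against unified.log.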
