[Oisf-users] Suri-GUI

Will Metcalf william.metcalf at gmail.com
Thu Jul 8 14:02:05 UTC 2010


barnyard2 is not barnyard-0.2.0.  See below..

http://www.securixlive.com/barnyard2/index.php

Regards,

Will

On Thu, Jul 8, 2010 at 8:57 AM, Anas.B <a.bouhsaina at gmail.com> wrote:
> Hi Will,
>
> I've downloaded barnyard-0.2.0, but I didn't find "barnyard2.conf"
>
> in Suricata.yaml,
> we have already :
>
>   - unified-log:
>       enabled: yes
>       filename: unified.log
>
>       # Limit in MB.
>       #limit: 32
>
>   - unified-alert:
>       enabled: yes
>       filename: unified.alert
>
>       # Limit in MB.
>       #limit: 32
>
>   - unified2-alert:
>       enabled: yes
>       filename: unified2.alert
>
> but how could we link between Suricata log folder and barnyard?
> help me please.
>
> Regards.
>
> Anas
>
>
> 2010/7/8 Will Metcalf <william.metcalf at gmail.com>
>>
>> unified1 logs are disabled by default; have you enabled them in your
>> suricata.yaml file?  Also you need to change the -f snort.log to be -f
>> unified.log. As an FYI, you should look at unified2/barnyard2 if you
>> are doing a fresh install.
>>
>>  - unified-log:
>>      enabled: yes
>>      filename: unified.log
>>
>>  - unified-alert:
>>      enabled: yes
>>      filename: unified.alert
>>
>> Regards,
>>
>> Will
>> On Thu, Jul 8, 2010 at 6:36 AM, Anas.B <a.bouhsaina at gmail.com> wrote:
>> > Hello everyone,
>> >
>> > I've installed mysql, created the database, with snort schemas (tables),
>> > also Barnyard,
>> >
>> >
>> > in barnyard.conf :
>> > I've replaced these lines :
>> >
>> > config hostname: debian
>> > config interface: eth0
>> > output log_acid_db: mysql, database snort, server localhost, user root,
>> > password mysnortpassword, detail full
>> >
>> > But to launch Barnyard
>> > I changed the command (snort) from this :
>> >
>> > # /usr/local/bin/barnyard \
>> > -c /etc/snort/barnyard.conf \
>> > -g /etc/snort/gen-msg.map \
>> > -s /etc/snort/sid-msg.map \
>> > -d /var/log/snort \
>> > -f snort.log \
>> > -w /etc/snort/barnyard.waldo &
>> >
>> > to this
>> >
>> > # /usr/local/bin/barnyard  -c /etc/suricata/barnyard.conf -d
>> > /var/log/suricata &
>> >
>> > But it doesn't work :s
>> >
>> > Can you help me?
>> >
>> > Regards.
>> > Anas
>> >
>> > _______________________________________________
>> > Oisf-users mailing list
>> > Oisf-users at openinfosecfoundation.org
>> > http://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users