[Oisf-users] Suri-GUI
Anas.B
a.bouhsaina at gmail.com
Thu Jul 8 14:30:30 UTC 2010
Ah, I had a doubt about it.
Thank you, I will retry and tell you the results :)
Cheers.
Anas
2010/7/8 Brant Wells <bwells at tfc.edu>
> The Barnyard download should have come with an example file in the
> download.... Inside of the download's folder, there is a barnyard.conf file
> in ./etc -- I usually copy this to /etc/suricata/barnyard.conf and then
> modify as needed.
>
> See Yas!
> ~Brant
>
>
> On Thu, Jul 8, 2010 at 9:57 AM, Anas.B <a.bouhsaina at gmail.com> wrote:
>
>> Hi Will,
>>
>> I've downloaded barnyard-0.2.0, but I didn't find "barnyard2.conf"
>>
>> in Suricata.yaml,
>> we have already :
>>
>>
>>   - unified-log:
>>       enabled: yes
>>       filename: unified.log
>>
>>       # Limit in MB.
>>       #limit: 32
>>
>>   - unified-alert:
>>       enabled: yes
>>       filename: unified.alert
>>
>>       # Limit in MB.
>>       #limit: 32
>>
>>   - unified2-alert:
>>       enabled: yes
>>       filename: unified2.alert
>>
>> But how could we link the Suricata log folder and barnyard?
>> Help me please.
>>
>> Regards.
>>
>> Anas
>>
>>
>> 2010/7/8 Will Metcalf <william.metcalf at gmail.com>
>>
>>> unified1 logs are disabled by default; have you enabled them in your
>>> suricata.yaml file? Also you need to change the -f snort.log to be -f
>>> unified.log. As an FYI, you should look at unified2/barnyard2 if you
>>> are doing a fresh install.
>>>
>>>   - unified-log:
>>>       enabled: yes
>>>       filename: unified.log
>>>
>>>   - unified-alert:
>>>       enabled: yes
>>>       filename: unified.alert
>>>
>>> Regards,
>>>
>>> Will
>>> On Thu, Jul 8, 2010 at 6:36 AM, Anas.B <a.bouhsaina at gmail.com> wrote:
>>> > Hello everyone,
>>> >
>>> > I've installed mysql, created the database with snort schemas (tables),
>>> > also Barnyard,
>>> >
>>> >
>>> > in barnyard.conf :
>>> > I've replaced these lines :
>>> >
>>> > config hostname: debian
>>> > config interface: eth0
>>> > output log_acid_db: mysql, database snort, server localhost, user root, password mysnortpassword, detail full
>>> >
>>> > But to launch Barnyard
>>> > I changed the command (snort) from this :
>>> >
>>> > # /usr/local/bin/barnyard \
>>> > -c /etc/snort/barnyard.conf \
>>> > -g /etc/snort/gen-msg.map \
>>> > -s /etc/snort/sid-msg.map \
>>> > -d /var/log/snort \
>>> > -f snort.log \
>>> > -w /etc/snort/barnyard.waldo &
>>> >
>>> > to this
>>> >
>>> > # /usr/local/bin/barnyard -c /etc/suricata/barnyard.conf -d /var/log/suricata &
>>> >
>>> > But it doesn't work :s
>>> >
>>> > Can you help me?
>>> >
>>> > Regards.
>>> > Anas
>>> >
>>> > _______________________________________________
>>> > Oisf-users mailing list
>>> > Oisf-users at openinfosecfoundation.org
>>> > http://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
>>> >
>>> >
>>>
>>
>>
>>
>>
>
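
The link asked about in the thread is the pair of barnyard options `-d` (Suricata's log directory) and `-f` (the `filename:` of the enabled unified-log output). The script below is an added example, not part of the thread or of either project: it reads a suricata.yaml, confirms unified-log is enabled, and prints matching `-d`/`-f` arguments. The function names and the sample YAML fragment are constructed for illustration.

```shell
#!/bin/sh
# Added example; not from the thread. Checks that the unified-log output is
# enabled in suricata.yaml and derives matching barnyard -d/-f arguments.

# Print the "filename:" of the unified-log output if it is enabled; else fail.
unified_log_prefix() {
    awk '
        /^[ \t]*-[ \t]*[A-Za-z0-9_-]+:/ {          # a new "- <output>:" entry
            hit = ($0 ~ /-[ \t]*unified-log:/)
            next
        }
        hit && $1 == "enabled:"  { enabled = ($2 == "yes") }
        hit && $1 == "filename:" { name = $2 }
        END {
            if (enabled && name != "") { print name; exit 0 }
            exit 1
        }
    ' "$1"
}

# Print the spool arguments barnyard needs to read Suricata's unified log.
# $1 = path to suricata.yaml, $2 = Suricata log directory
barnyard_spool_args() {
    prefix=$(unified_log_prefix "$1") || {
        echo "unified-log output is not enabled in $1" >&2
        return 1
    }
    # Warn when Suricata has not written any file with that prefix yet.
    ls "$2/$prefix"* >/dev/null 2>&1 ||
        echo "warning: no files starting with $prefix in $2" >&2
    echo "-d $2 -f $prefix"
}

# Constructed sample: a suricata.yaml fragment shaped like the one quoted above.
demo_dir=$(mktemp -d)
cat > "$demo_dir/suricata.yaml" <<'EOF'
outputs:
  - unified-log:
      enabled: yes
      filename: unified.log
      # Limit in MB.
      #limit: 32
  - unified2-alert:
      enabled: no
      filename: unified2.alert
EOF
echo "barnyard -c /etc/suricata/barnyard.conf $(barnyard_spool_args "$demo_dir/suricata.yaml" "$demo_dir")"
rm -rf "$demo_dir"
```

On a real host, pass the actual paths from the thread, for example `barnyard_spool_args /etc/suricata/suricata.yaml /var/log/suricata`.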