[Oisf-users] Suricata and Barnyard2

Greg Grasmehr greg.grasmehr at caltech.edu
Wed Mar 13 17:50:49 UTC 2019


Hello,

Wondering if anyone else is using Unified2 output from Suricata to be
read by Barnyard2?  I'm asking because I notice that one of the map
files required by Barnyard2, gen-msg.map, is pretty much nonexistent
these days in terms of updates; our version is very old.

Barnyard2 seems to require this map file in order to operate correctly
and since Barnyard2 itself has not been updated in years, I am wondering
if anyone knows of a way to generate appropriate gen-msg.map files OR if
there is indeed a better way to handle Unified2 output format these days
in terms of parsing and syslogging the event data and pcap information?

Thanks in advance for any helpful suggestions.

-- 
Sincerely,

Greg Grasmehr
Lead Information Security Analyst
California Institute of Technology (Caltech)
GPGMe: 38E2 F9BD A95E 9824 20AB  331A 9E29 D1A1 AAEE 5F42
pgp.mit.edu:11371/pks/lookup?op=vindex&search=0x9E29D1A1AAEE5F42
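As an added illustration of the parsing question raised above (example code written for this page, not the poster's tooling and not part of Suricata or Barnyard2), the following Python reads a Unified2 byte stream directly and emits syslog-style lines, resolving messages from a gen-msg.map file. It assumes the published Unified2 layouts for the IPv4 IDS event record (type 7, 52 bytes) and the packet record (type 2, 28-byte header plus frame), both big-endian, and the gen-msg.map line format `gid || sid || message`. Barnyard2 resolves gid 1 rule alerts through sid-msg.map, which this example does not read; any (gid, sid) without a map entry falls back to the raw `gid:sid:rev`, so a stale or missing map never drops an event. Packets are matched to events on (sensor_id, event_id, event_second), and a half-written record at the end of a spool file stops the reader instead of raising. The map text and the spool bytes are constructed in the block, not captured from a sensor.

```python
import socket
import struct
from datetime import datetime, timezone

# Record types from the Unified2 specification
UNIFIED2_PACKET = 2
UNIFIED2_IDS_EVENT = 7

_HDR = struct.Struct("!II")                       # record type, record length
_EVENT7 = struct.Struct("!IIIIIIIII4s4sHHBBBB")   # IPv4 IDS event, 52 bytes
_PKT = struct.Struct("!IIIIIII")                  # packet record header, 28 bytes
_PROTO = {1: "ICMP", 6: "TCP", 17: "UDP"}


def parse_gen_msg_map(text):
    """Parse 'gid || sid || message' lines into {(gid, sid): message}."""
    table = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        parts = [p.strip() for p in line.split("||")]
        if len(parts) < 3:
            continue
        try:
            table[(int(parts[0]), int(parts[1]))] = parts[2]
        except ValueError:
            continue                              # tolerate a malformed line
    return table


def iter_records(blob):
    """Yield (type, body) per complete record; stop at a truncated tail."""
    off = 0
    while off + _HDR.size <= len(blob):
        rtype, rlen = _HDR.unpack_from(blob, off)
        body = blob[off + _HDR.size:off + _HDR.size + rlen]
        if len(body) < rlen:
            break                                 # spool file still being written
        yield rtype, body
        off += _HDR.size + rlen


def decode_event(body):
    """Decode a type-7 (IPv4) IDS event; key = (sensor_id, event_id, event_second)."""
    f = _EVENT7.unpack_from(body)
    return {"key": (f[0], f[1], f[2]), "ts": f[2], "sid": f[4], "gid": f[5], "rev": f[6],
            "src": socket.inet_ntoa(f[9]), "dst": socket.inet_ntoa(f[10]),
            "sport": f[11], "dport": f[12], "proto": _PROTO.get(f[13], str(f[13]))}


def decode_packet(body):
    """Decode a type-2 packet record into (event key, captured frame bytes)."""
    f = _PKT.unpack_from(body)
    return (f[0], f[1], f[2]), body[_PKT.size:_PKT.size + f[6]]


def events_to_syslog(blob, gen_map):
    """Render each IDS event as one syslog-style line with its captured packet size."""
    events, packets = {}, {}
    for rtype, body in iter_records(blob):
        if rtype == UNIFIED2_IDS_EVENT:
            ev = decode_event(body)
            events[ev["key"]] = ev
        elif rtype == UNIFIED2_PACKET:
            key, data = decode_packet(body)
            packets.setdefault(key, []).append(data)
        # other types (IPv6 events, extra data) are skipped via their length field
    lines = []
    for key, ev in sorted(events.items()):
        ids = "%d:%d:%d" % (ev["gid"], ev["sid"], ev["rev"])
        msg = gen_map.get((ev["gid"], ev["sid"]), ids)   # fall back to raw ids
        when = datetime.fromtimestamp(ev["ts"], timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ")
        pkt_bytes = sum(len(p) for p in packets.get(key, []))
        lines.append("%s [%s] %s {%s} %s:%d -> %s:%d pkt_bytes=%d" % (
            when, ids, msg, ev["proto"], ev["src"], ev["sport"],
            ev["dst"], ev["dport"], pkt_bytes))
    return lines


# Constructed sample data (not real sensor output): a two-entry map and a small spool
SAMPLE_GEN_MSG_MAP = "# constructed\n1 || 1 || snort general alert\n3 || 1 || sample preprocessor alert\n"
TS = 1552499449   # 2019-03-13T17:50:49Z


def build_sample_unified2(truncated=False):
    """Build: event (gid 3, in map), its packet, event (gid 1, sid not in map)."""
    ev1 = _EVENT7.pack(0, 1, TS, 0, 1, 3, 1, 0, 2, socket.inet_aton("10.0.0.5"),
                       socket.inet_aton("192.0.2.10"), 51234, 80, 6, 0, 0, 0)
    frame = b"\x00" * 74                          # placeholder Ethernet frame
    pkt1 = _PKT.pack(0, 1, TS, TS, 0, 1, len(frame)) + frame
    ev2 = _EVENT7.pack(0, 2, TS, 0, 2100498, 1, 7, 0, 3, socket.inet_aton("10.0.0.5"),
                       socket.inet_aton("192.0.2.20"), 40000, 53, 17, 0, 0, 0)
    blob = (_HDR.pack(UNIFIED2_IDS_EVENT, len(ev1)) + ev1 +
            _HDR.pack(UNIFIED2_PACKET, len(pkt1)) + pkt1 +
            _HDR.pack(UNIFIED2_IDS_EVENT, len(ev2)) + ev2)
    if truncated:
        blob += _HDR.pack(UNIFIED2_IDS_EVENT, 52) + b"\x00" * 10   # half-written record
    return blob


if __name__ == "__main__":
    for line in events_to_syslog(build_sample_unified2(), parse_gen_msg_map(SAMPLE_GEN_MSG_MAP)):
        print(line)
```

Pointing `iter_records` at a real spool file means reading it in chunks and remembering the offset of the last complete record, since Suricata appends while the reader runs; the truncation check above is what makes that safe.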

