Re: [Snort-users] sguil and barnyard errors
For some reason, the op_sguil plugin didn't get compiled into barnyard. Try a `make distclean` from your barnyard src root and follow the instructions again. BTW, which instructions are you using?
FYI: You can post sguil questions to sguil-users and sguil-devel.

Bammkkkk

On Wed, Oct 08, 2003 at 09:55:59AM -0600, Kerry Cox wrote:
> Not exactly Snort-related, but I thought I'd throw this out.
> I'm trying to get Sguil to run on a Red Hat 9 machine with the latest
> patches and kernel.
> Just want to try it out for management. I have been following the
> instructions for configuring barnyard including modifying the
> op_plugbase.c and Makefile. It appears to compile fine. But when I run
> barnyard, here is what I see:
>
> # barnyard -c /usr/local/etc/snort/barnyard.conf -d /usr/local/etc/snort
> -g /usr/local/etc/snort/gen-msg.map -s /usr/local/etc/snort/sid-msg.map
> -f snort.log -w /usr/local/etc/snort/waldo.file
>
> -*> Barnyard! <*-
> Version 0.1.0 (Build 17)
> By Andrew R. Baker (andrewb@snort.org)
> and Martin Roesch (roesch@sourcefire.com, www.snort.org)
>
> Loading Data Processors...
> dp_alert loaded
> dp_log loaded
> dp_stream_stat loaded
> Loading Built-in Output Plugins...
> Fast Alert plugin initialized
> AlertSyslog initialized
> Log Dump plugin initialized
> LogPcap initialized
> AlertCSV initialized
> Parsing Config file: /usr/local/etc/snort/barnyard.conf
> WARNING /usr/local/etc/snort/barnyard.conf(158) => Unknown output plugin
> "sguil" referenced, ignoring!Barnyard Version 0.1.0 (Build 17) started
> Unable to open spool file
> Exiting
>
> This is what I have in my barnyard.conf file. I have removed all
> comments for the sake of space.
>
>
> config hostname: localhost
> config interface: eth0
> config filter: not port 22
> processor dp_alert
> processor dp_log
> processor dp_stream_stat
> output alert_fast
> output log_dump
> output sguil: mysql, sensor_id 0, database sguildb, server localhost,
> user root, password *****, sguild_host localhost, sguild_port 7736
>
> Please forgive my ignorance of barnyard, but I'm working on it. If
> anyone has any ideas, I'd be interested in hearing them.
> Thanks.
> KJ
>
>
> --
> Kerry Cox <kerry.cox@ksl.com>
> KSL Radio and Television
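
Added example (not part of the original thread, and not barnyard or sguil project code): a small Python check that takes a barnyard.conf and the captured startup output and reports which configured output plugins the binary ignored, using the warning format quoted in the post. The function names and both sample strings are constructed for illustration.

```python
import re

# Warning format copied from the barnyard output quoted in the thread.
UNKNOWN_RE = re.compile(
    r'WARNING\s+(?P<conf>\S+)\((?P<line>\d+)\)\s*=>\s*Unknown output plugin\s+'
    r'"(?P<name>[^"]+)"\s+referenced, ignoring!')

# Constructed sample inputs, modelled on the config and output in the thread.
SAMPLE_CONF = """\
config hostname: localhost
processor dp_alert
# output alert_syslog
output alert_fast
output log_dump
output sguil: mysql, sensor_id 0, database sguildb, server localhost,
  user root, password *****, sguild_host localhost, sguild_port 7736
"""
SAMPLE_LOG = """\
Parsing Config file: /usr/local/etc/snort/barnyard.conf
WARNING /usr/local/etc/snort/barnyard.conf(158) => Unknown output plugin
"sguil" referenced, ignoring!Barnyard Version 0.1.0 (Build 17) started
Unable to open spool file
Exiting
"""

def configured_outputs(conf_text):
    """Plugin names from 'output <name>[: args]' lines; comments are skipped."""
    names = []
    for raw in conf_text.splitlines():
        line = raw.strip()
        if line.startswith("output "):
            names.append(line.split(None, 1)[1].split(":", 1)[0].strip())
    return names

def audit(conf_text, startup_log):
    """Report which configured outputs barnyard dropped at startup."""
    # Collapse whitespace: the warning may be wrapped, and in the quoted output
    # there is no newline between "ignoring!" and the following banner line.
    flat = " ".join(startup_log.split())
    ignored = [(m["name"], int(m["line"])) for m in UNKNOWN_RE.finditer(flat)]
    dropped = {name for name, _ in ignored}
    return {
        "ignored": ignored,
        "active": [n for n in configured_outputs(conf_text) if n not in dropped],
        "spool_error": "Unable to open spool file" in flat,
    }

if __name__ == "__main__":
    print(audit(SAMPLE_CONF, SAMPLE_LOG))
```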