|
|
|
| <prev next> |
Choosing A Webhost: |
help with barnyard output problem: Unrecognized argument for Sguil plugin: msg#00000security.ids.snort.barnyard.user
hi, I am setting up a sguil installation using barnyard, and when barnyard tries to send the data to the sguil server, I get several errors: Barnyard Version 0.2.0 (Build 32) WARNING /etc/snort/barnyard.conf (139) => Unrecognized argument for Sguil plugin: mysql WARNING /etc/snort/barnyard.conf (139) => Unrecognized argument for Sguil plugin: sensor_id 0 WARNING /etc/snort/barnyard.conf (139) => Unrecognized argument for Sguil plugin: database sguil WARNING /etc/snort/barnyard.conf (139) => Unrecognized argument for Sguil plugin: server localhost WARNING /etc/snort/barnyard.conf (139) => Unrecognized argument for Sguil plugin: user sguil WARNING /etc/snort/barnyard.conf (139) => Unrecognized argument for Sguil plugin: password sguil_pass WARNING /etc/snort/barnyard.conf (139) => Unrecognized argument for Sguil plugin: sguild_host localhost WARNING /etc/snort/barnyard.conf (139) => Unrecognized argument for Sguil plugin: sguild_port 7736 I am runnning Kubuntu 7.04, sguil 0.6.1, mysql 5.0.22, and I installed and patched the barnyard in the following way (without errors): sudo wget http://www.snort.org/dl/barnyard/barnyard-0.2.0.tar.gz sudo tar -xzf barnyard-0.2.0.tar.gz cd /usr/local/src/sguil-0.6.1/sensor/barnyard_mods; sudo cp configure.in /usr/local/src/barnyard-0.2.0/; sudo cp op_sguil.c op_sguil.h op_plugbase.c.patch /usr/local/src/barnyard-0.2.0/src/output-plugins cd /usr/local/src/barnyard-0.2.0/src/output-plugins; sudo patch op_plugbase.c < op_plugbase.c.patch; cd ../../; sudo ./autojunk.sh; sudo ./configure --enable-mysql --enable-tcl --with-tcl=/usr/lib/tcl8.3; sudo make && sudo make install; The sguil plugin configuration is: output sguil: mysql, sensor_id 0, database sguil, server localhost, user sguil, password sguil_pass, sguild_host localhost, sguild_port 7736 Could anyone help me with this?? Do you need more relevant data? Thanks -- Using Opera's revolutionary e-mail client: http://www.opera.com/mail/ ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/
|
|
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| Next by Date: | Re: help with barnyard output problem: Unrecognized argument for Sguil plugin, Paul Schmehl |
|---|---|
| Next by Thread: | Re: help with barnyard output problem: Unrecognized argument for Sguil plugin, Paul Schmehl |
| Indexes: | [Date] [Thread] [Top] [All Lists] |
Free MagazinesCisco NewsReceive a free quarterly e-newsletter with exclusive articles on how Cisco IT uses its own products and solutions to enable the business. subscribe Systems Management News, the newspaper for IT systems administration and data center managers! Each issue of Systems Management News is chock-full of news and analysis to help you understand what's happening in your field. subscribe The Enterprise Newsweekly eWeek is the essential technology information source for builders of e-business. subscribe Oracle Magazine Oracle Magazine contains technology strategy articles, sample code, tips, Oracle and partner news, how to articles for developers and DBAs, and more. Oracle (NASDAQ: ORCL) is the world's largest enterprise software company. subscribe Total Telecom Total Telecom is "The Economist of the communications industry". subscribe |
