Re: [Sguil-users] help with barnyard output problem: Unrecognizedargument for Sguil plugin
Status: Beta
Brought to you by:
bamm
Menu
▾
▴
Re: [Sguil-users] help with barnyard output problem: Unrecognizedargument for Sguil plugin
|
From: Raitz, A. <Ale...@yu...> - 2007-04-24 18:18:43
|
As of Sguil 0.6.1, I think all you need in barnyard.conf is: output sguil -----Original Message----- From: sgu...@li... [mailto:sgu...@li...] On Behalf Of Ricardo Sent: Tuesday, April 24, 2007 2:08 PM To: sgu...@li... Subject: [Sguil-users] help with barnyard output problem: Unrecognizedargument for Sguil plugin hi, I am setting up a sguil installation using barnyard, and when barnyard tries to send the data to the sguil server, I get several errors: Barnyard Version 0.2.0 (Build 32) WARNING /etc/snort/barnyard.conf (139) =3D> Unrecognized argument for Sguil plugin: mysql WARNING /etc/snort/barnyard.conf (139) =3D> Unrecognized argument for Sguil plugin: sensor_id 0 WARNING /etc/snort/barnyard.conf (139) =3D> Unrecognized argument for Sguil plugin: database sguil WARNING /etc/snort/barnyard.conf (139) =3D> Unrecognized argument for Sguil plugin: server localhost WARNING /etc/snort/barnyard.conf (139) =3D> Unrecognized argument for Sguil plugin: user sguil WARNING /etc/snort/barnyard.conf (139) =3D> Unrecognized argument for Sguil plugin: password sguil_pass WARNING /etc/snort/barnyard.conf (139) =3D> Unrecognized argument for Sguil plugin: sguild_host localhost WARNING /etc/snort/barnyard.conf (139) =3D> Unrecognized argument for Sguil plugin: sguild_port 7736 I am runnning Kubuntu 7.04, sguil 0.6.1, mysql 5.0.22, and I installed and patched the barnyard in the following way (without errors): sudo wget http://www.snort.org/dl/barnyard/barnyard-0.2.0.tar.gz sudo tar -xzf barnyard-0.2.0.tar.gz cd /usr/local/src/sguil-0.6.1/sensor/barnyard_mods; sudo cp configure.in /usr/local/src/barnyard-0.2.0/; sudo cp op_sguil.c op_sguil.h op_plugbase.c.patch /usr/local/src/barnyard-0.2.0/src/output-plugins cd /usr/local/src/barnyard-0.2.0/src/output-plugins; sudo patch op_plugbase.c < op_plugbase.c.patch; cd ../../; sudo ./autojunk.sh; sudo ./configure --enable-mysql --enable-tcl = --with-tcl=3D/usr/lib/tcl8.3; sudo make && sudo make install; The sguil plugin configuration is: output sguil: mysql, sensor_id 0, database sguil, server localhost, user sguil, password sguil_pass, sguild_host localhost, sguild_port 7736 Could anyone help me with this?? Do you need more relevant data? Thanks --=20 Using Opera's revolutionary e-mail client: http://www.opera.com/mail/ ------------------------------------------------------------------------ - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ Sguil-users mailing list Sgu...@li... https://lists.sourceforge.net/lists/listinfo/sguil-users This communication is confidential and may be legally privileged. If = you are not the intended recipient, (i) please do not read or disclose = to others, (ii) please notify the sender by reply mail, and (iii) please = delete this communication from your system. Failure to follow this = process may be unlawful. Thank you for your cooperation. |