-
Attempting to start 0.2.0 in daemon mode on a log file
created by snort as log_unified or unified (see syslog
messages below) results in the following errors:
Oct 6 13:39:00 leibnitz barnyard[7114]: FATAL ERROR: ERROR: No input plugin found for magic: a1b2c3d4
Oct 6 13:51:20 leibnitz barnyard[7636]: FATAL ERROR: ERROR: No input plugin found for magic: 2dac5ceb
Strangely, in...
2006-10-06 18:35:06 UTC by nobody
-
After applying the patch run autoconf.
2006-07-05 15:37:16 UTC by eblizniuk
-
This patch adds to the Barnyard 0.2.0 a new output
plugin. The plugin provides sending SNMP v2 traps upon
Snort alerts. The module works as Agent X subagent and
directs the traps to snmpd, which is supposed to
retranslate them to the final destinations.
The following configuration options were added:
--enable-snmp - enables SNMP plugin
--with-net-snmp - should be used when net-snmp package...
2006-07-05 11:41:14 UTC by eblizniuk
-
This patch adds to the Barnyard 0.2.0 a new output
plugin. The plugin provides sending SNMP v2 traps upon
Snort alerts. The module works as Agent X subagent and
directs the traps to snmpd, which is supposed to
retranslate them to the final destinations.
The following configuration options were added:
--enable-snmp - enables SNMP plugin
--with-net-snmp - should be used when net-snmp package...
2006-07-05 11:17:44 UTC by eblizniuk
-
Note this code from ConfigFile_Parse() in ConfigFile.c:
    if((fp = fopen(filename, "r")) == NULL)
    {
        FatalError("Failed to open config file '%s': %s\n", filename,
                   strerror(errno));
        goto error;
    }
    file_name = filename;
    file_line = 0;
    if((fp = fopen(filename, "r")) == NULL)
    {
        FatalError("Failed to open config file...
2006-05-12 19:04:29 UTC by nobody
-
Updated patch to also address lack of proper signature
revision logging.
2006-04-08 14:21:49 UTC by colingrady
-
Patch for Barnyard 0.2.0 to cache signature IDs
associated with signatures in the database. Signature
IDs in the database are not the same as a signature SID
in the scope of the database. Normally Barnyard must
query the database with every alert to determine the
signature ID -- way more overhead than necessary. This
patch will reduce the total number of database
transactions by roughly...
2006-04-08 14:20:13 UTC by colingrady
-
Patch to Barnyard 0.2.0 to add support for the Snort DB
schema 107. Barnyard will continue to support schema
106 by identifying the schema version when connecting
and making schema-dependent queries. Schema 107 was
introduced with Snort 2.4.4 and adds generator ID
logging to the signature table.
2006-04-07 17:21:49 UTC by colingrady
-
Guys,
I am having a slight problem with the way I want
to use base, snort and barnyard. As alerts come in
they are examined, investigated etc., and then archived
to an archive database. This keeps the live alert
database lean and mean! Unfortunately barnyard looks
at the live alert database to determine the next CID
to use, thus if all of the alerts have been dealt
with from a...
2005-12-05 10:56:57 UTC by greymore57
-
jnathan committed patchset 62 of module barnyard to the Barnyard CVS repository, changing 1 files.
2005-12-04 09:13:10 UTC by jnathan