OK, so I'm using Ubuntu 32-bit and running Snort. I can see the u2 logs, but Barnyard2 does not appear to be reading these files, as nothing is in the SQL database.
So how can I test this? This is the command I use to run barnyard2: "/barnyard2-install/bin/barnyard2 -c /etc/snort/barnyard2.conf -d /var/log/snort -f .u2. -w /var/log/snort/barnyard2.waldo"
I see no waldo file there, so yeah, I'm really a newbie, but I need to learn this stuff somehow.
For Snort I just type service snort start. I'm running as root, and when I check the MySQL database it's empty. Can I write Barnyard's readings to a file?
Is there a place that might have the answers I seek? Is there a way to test this stuff?
Also, u2spewfoo doesn't appear to be with my Snort.
If you configure your snort.conf (to log as unified2) and barnyard.conf (to connect to MySQL) correctly, try the following commands to run Snort and Barnyard, and they will work together well:
to run snort:
to run barnyard:
Notice 1: change "/usr/local/bin" and the other paths to your Barnyard and Snort installation paths.
Notice 2: if you did not install the IPQ module (enable it while configuring DAQ), delete "--daq ipd -Q". Finally, there are many guides and manuals for running Snort and Barnyard; some of them can be found at snort.org.
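
A way to test the spool side of this setup, as an added example that is not part of the original posts: the script reports how many unified2 files a given -d directory and -f base name would pick up, and whether the -w waldo bookmark exists yet. It assumes barnyard2 selects files whose names start with the base name followed by ".<unix timestamp>"; the function names and the snort.u2 base name are illustrative.

```shell
#!/bin/sh
# Added diagnostic example (not from the thread).
# Assumption: barnyard2 reads files in the -d directory whose names begin
# with the -f base name and end in ".<unix timestamp>",
# for example snort.u2.1400000000.

# Print the file names in directory $1 that match base name $2.
spool_matches() {
    dir=$1; base=$2
    for f in "$dir"/* "$dir"/.*; do
        [ -f "$f" ] || continue
        name=${f##*/}
        case $name in
            "$base".*) suffix=${name#"$base".} ;;
            *) continue ;;
        esac
        # The suffix must be digits only (the timestamp Snort appends).
        case $suffix in
            ''|*[!0-9]*) continue ;;
        esac
        printf '%s\n' "$name"
    done
}

# Number of matching spool files.
spool_count() {
    spool_matches "$1" "$2" | wc -l | tr -d ' '
}

# Report on spool directory $1, base name $2 and waldo file $3.
# Returns 0 only when at least one spool file matches.
check_spool() {
    n=$(spool_count "$1" "$2")
    echo "files matching '$2.<timestamp>' in $1: $n"
    if [ -s "$3" ]; then
        echo "waldo bookmark present: $3"
    else
        echo "no waldo bookmark yet: $3"
    fi
    [ "$n" -gt 0 ]
}

# Usage: sh check_spool.sh /var/log/snort snort.u2 /var/log/snort/barnyard2.waldo
if [ "$#" -eq 3 ]; then
    check_spool "$@"
fi
```

A count of zero means the directory or base name passed to barnyard2 does not line up with the file names Snort is actually writing, which is worth ruling out before looking at the database output settings.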