OK, so I'm using Ubuntu 32-bit and running Snort, and I can see the u2 logs, but Barnyard2 does not appear to be reading these files, as nothing is in the SQL database.
So how can I test this? This is the command I use to run Barnyard2: "/barnyard2-install/bin/barnyard2 -c /etc/snort/barnyard2.conf -d /var/log/snort -f .u2. -w /var/log/snort/barnyard2.waldo"
I see no waldo file there, so yeah, I'm really a newbie, but I need to learn this stuff somehow.
For Snort I just type service snort start. I'm running as root, and when I check the MySQL database it's empty. Can I write Barnyard's readings to a file?
Is there a place that might have the answers I seek? Is there a way to test this stuff?
Also, u2spewfoo doesn't appear to be with my Snort.
First of all, Snort should be able to generate the .u2 log, as Barnyard only reads the u2 logs. The Barnyard configuration file should be set with the output module to log into the database with the right database name, password and username. The MySQL service should be running (do check it). Waldo is a file that gets generated by initiating a barnyard command. Once you have stopped Barnyard using CTRL+C and initiate the command again, it doesn't log the previously logged data; instead it logs new data. The ".waldo" file is something like "TO BE CONTINUED".
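One way to check the first point above, that Snort is really writing event records into its .u2 files, when u2spewfoo is not installed. This is an added example, not part of the original thread: the sample bytes are constructed, the function names are made up for illustration, and it assumes the unified2 layout of an 8-byte big-endian type/length header before each record.

```python
import struct
import sys
from collections import Counter

# Record type numbers from Snort's unified2 definitions (Unified2_common.h).
RECORD_TYPES = {
    2: "packet",
    7: "event (IPv4)",
    72: "event (IPv6)",
    104: "event with VLAN/MPLS fields (IPv4)",
    105: "event with VLAN/MPLS fields (IPv6)",
    110: "extra data",
}

def make_record(rtype, body):
    """Build one unified2 record: 4-byte type, 4-byte length (big-endian), body."""
    return struct.pack(">II", rtype, len(body)) + body

# Constructed sample, not real Snort output: event, packet, event, then a
# 4-byte fragment such as a file that is still being written would end with.
SAMPLE = (make_record(7, bytes(52)) + make_record(2, bytes(60))
          + make_record(7, bytes(52)) + b"\x00\x00\x00\x02")

def summarize_u2(data):
    """Return (Counter of record kinds, number of unparsed trailing bytes)."""
    counts = Counter()
    offset = 0
    while offset + 8 <= len(data):
        rtype, length = struct.unpack_from(">II", data, offset)
        if offset + 8 + length > len(data):
            break  # incomplete record at the end of the file
        counts[RECORD_TYPES.get(rtype, "unknown type %d" % rtype)] += 1
        offset += 8 + length
    return counts, len(data) - offset

if __name__ == "__main__":
    # With a path argument, read that file; otherwise use the constructed sample.
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as fh:
            data = fh.read()
    else:
        data = SAMPLE
    counts, trailing = summarize_u2(data)
    for kind, n in sorted(counts.items()):
        print("%-40s %d" % (kind, n))
    print("unparsed trailing bytes: %d" % trailing)
```

Run it with the path of one of the files under /var/log/snort as the argument. If no event records are counted, the problem is on the Snort side rather than in Barnyard2 or MySQL.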