FATAL ERROR: [ParseSidMapLine()]: Unknown sidmap file version [0]

[allewwaly]

this error happens when run barnyard2 with snort 2.9.6.1, the configuration of barnyard2.conf contains config sid_file: /etc/snort/community-sid-msg.map and the community-sid-msg.map file looks like:

# Copyright 2005 Sourcefire, Inc. All Rights Reserved.
# This file is licensed under the GNU General Public License.
# Please see the file LICENSE in this directory for more details.
# Id SID -> MSG map

100000100 || COMMUNITY EXPLOIT Windows Acrobat Reader Activex Overflow Flowbit || cve,2004-0629 || bugtraq,10947
100000101 || COMMUNITY EXPLOIT Windows Acrobat Reader Activex Overflow Exploit || cve,2004-0629 || bugtraq,10947
100000102 || COMMUNITY GAME Halocon Denial of Service Empty UDP Packet || bugtraq,12281
100000103 || COMMUNITY GAME Breed Game Server Denial of Service Empty UDP Packet || bugtraq,12262
100000104 || COMMUNITY GAME Amp II 3D Game Server Denial of Service Empty UDP Packet || bugtraq,12192

[josecarc]

I have the same problem. Did you fix it?

[allewwaly]

I just use sid-msg.map autogenerated by PulledPork, instead of that one.

[MSTRFiNiX]

I kind of found out how to fix this problem use this site maybe this will work https://unix.stackexchange.com/questions/435823/barnyard-missing-sid-msg-map-file-from-snort#435855