firnsy / barnyard2

Barnyard2 is a dedicated spooler for Snort's unified2 binary output format.
GNU General Public License v2.0

Barnyard2 won't pull alerts to Snorby #226

Open nan008 opened 6 years ago

nan008 commented 6 years ago

Hello,

I am new to the Snort/Barnyard2/Snorby environment. I implemented the system on CentOS 7 with Snort 2.9.9.0, Barnyard 2.1.14 (Build 337) and Snorby 2.6.3. My snort config has two files: snort.u2 and alerts.u2.

I want them both to go to Snorby. At the moment Barnyard2 is seeing only the snort.u2 file; if I change to alerts.u2, it is not sending anything to MySQL.

Also a question: Snorby is only showing "stream5: TCP Small Segment Threshold Exceeded". I have pages and pages of this error and nothing else. Any help with both issues?

vulgarman commented 6 years ago

Hi @nan008, may you help me with barnyard2?