snort with barnyard2 not working on Fedora 12

Posted by aHunter on Server Fault
Published on 2010-08-17T00:51:47Z Indexed on 2012/06/12 4:42 UTC


Has anyone come across this error with barnyard2 and snort?

        --== Initializing Barnyard2 ==--
    Initializing Input Plugins!
    Initializing Output Plugins!
    Parsing config file "/etc/snort/barnyard2.conf"
    Log directory = /var/log/barnyard2
    database: compiled support for (mysql)
    database: configured to use mysql
    database: schema version = 107
    database:           host = localhost
    database:           user = test
    database:  database name = snort
    database:    sensor name = localhost:eth0
    database:      sensor id = 1
    database:  data encoding = hex
    database:   detail level = full
    database:     ignore_bpf = no
    database: using the "log" facility

            --== Initialization Complete ==--

      ______   -*> Barnyard2 <*-
     / ,,_  \  Version 2.1.8 (Build 251)
     |o"  )~|  By the SecurixLive.com Team: http://www.securixlive.com/about.php
     + '''' +  (C) Copyright 2008-2010 SecurixLive.

           Snort by Martin Roesch & The Snort Team: http://www.snort.org/team.html
           (C) Copyright 1998-2007 Sourcefire Inc., et al.

    WARNING: Ignoring corrupt/truncated waldofile '/var/log/snort/barnyard.waldo'
    Opened spool file '/var/log/snort/snort.log.1282004944'
    ERROR: Unknown record type read: 104
    Fatal Error, Quitting..

Snort seems to be working correctly, as I have managed to get logs via syslog, but when I try to use the barnyard config via Unified2 it is not working, presumably because of the above error.

Thanks in advance.
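
Added example, not part of the original post: a Python check that walks the 8-byte unified2 record headers (type and length, big-endian) in a spool file and tallies the record types it contains, so the type named in the error can be confirmed against the file. The type names are taken from Snort's Unified2_common.h; the sample bytes are constructed, and the function names are hypothetical.

```python
import io
import struct
import sys
from collections import Counter

# Record type names as defined in Snort's Unified2_common.h.
U2_TYPES = {
    2: "PACKET",
    7: "IDS_EVENT",
    72: "IDS_EVENT_IPV6",
    104: "IDS_EVENT_VLAN",
    105: "IDS_EVENT_IPV6_VLAN",
    110: "EXTRA_DATA",
}

def tally_records(stream):
    """Walk unified2 records; return (Counter of type ids, truncated flag)."""
    counts = Counter()
    while True:
        header = stream.read(8)
        if not header:
            return counts, False      # clean end of file
        if len(header) < 8:
            return counts, True       # partial record header
        rtype, length = struct.unpack(">II", header)
        body = stream.read(length)
        if len(body) < length:
            return counts, True       # partial record body
        counts[rtype] += 1

def describe(counts):
    """Map numeric type ids to names, keeping unknown ids visible."""
    return {U2_TYPES.get(t, "type %d" % t): n for t, n in counts.items()}

def make_sample():
    """Constructed spool contents: one type 104 event, one packet record."""
    def rec(rtype, body):
        return struct.pack(">II", rtype, len(body)) + body
    return rec(104, b"\x00" * 60) + rec(2, b"\x00" * 28)

if __name__ == "__main__":
    if len(sys.argv) > 1:             # e.g. a snort.log.<timestamp> spool file
        with open(sys.argv[1], "rb") as fh:
            counts, truncated = tally_records(fh)
    else:
        counts, truncated = tally_records(io.BytesIO(make_sample()))
    print(describe(counts), "truncated" if truncated else "complete")
```

A non-zero count for type 104 means the spool file contains the record type that the Barnyard2 build above reports as unknown. A file that is not unified2 at all will typically show implausible type ids and a truncated result.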

© Server Fault or respective owner
