barnyard2 icon indicating copy to clipboard operation
barnyard2 copied to clipboard
verified publisher icon firnsy

barnyard2 open the wrong logfile

Open ThomasCr opened this issue 10 years ago • 2 comments

hi,

when I run barnyard2 with the follow command, it not opens the right logfile:

barnyard2 -c /etc/barnyard2/barnyard2.conf -d /var/log/snort -f snort.log -w /var/log/snort/barnyard2.waldo -g snort -u snort

I want it to open "snort.log" and in output its opening snort.log.1440768714. I also could figure out, that -f gives only the base filename.

What option stays, that barnyard opens the right file?

Thomas

ThomasCr avatar Aug 28 '15 14:08 ThomasCr

Hi You need to carefully examine the content of syslog once barnyard2 has initialised and it starts processing your log files. But my guess is that you need to put a '/' at the end of the -d option i.e -d /var/log/snort__/__ Regards

On 28/08/2015 15:13, ThomasCr wrote:

hi,

when I run barnyard2 with the follow command, it not opens the right logfile:

barnyard2 -c /etc/barnyard2/barnyard2.conf -d /var/log/snort -f snort.log -w /var/log/snort/barnyard2.waldo -g snort -u snort

I want it to open "snort.log" and in output its opening snort.log.1440768714. I also could figure out, that -f gives only the base filename.

What option stays, that barnyard opens the right file?

Thomas

— Reply to this email directly or view it on GitHub https://github.com/firnsy/barnyard2/issues/157.

forfun2000A avatar Aug 28 '15 15:08 forfun2000A

Hi Thomas,

Send us the content of barnyard2.conf and the output of "ls -la /var/log/snort " .

Regards,

PA

pauloangelo avatar Aug 28 '15 16:08 pauloangelo