4. Suricata Barnyard2 Remote Syslog. Broken?

Suricata Barnyard2 Remote Syslog. Broken?

  • V

    I'm trying to push Suricata alert logs to a remote syslog server. Barnyard2 doesn't seem to be working. The only way I can get Suricata alerts to the remote server is to configure Suricata to write to the local system log and then forward the local system log to the remote syslog server.

    Any ideas? Is Barnyard2 broken?

    0 1 Reply

  • @vbman213 said in Suricata Barnyard2 Remote Syslog. Broken?:

    I'm trying to push Suricata alert logs to a remote syslog server. Barnyard2 doesn't seem to be working. The only way I can get Suricata alerts to the remote server is to configure Suricata to write to the local system log and then forward the local system log to the remote syslog server.

    Any ideas? Is Barnyard2 broken?

    Barnyard2 is slowly dying on the vine as the FreeBSD port has not been materially updated in several years. However, it should still run with Suricata and pfSense. Are you sure Barnyard2 is actually starting on the interface? Are there any messages in the pfSense system log relating to Barnyard2?

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy