Netgate Discussion Forum

    Suricata Barnyard2 Remote Syslog. Broken?

    • cmcdonald (Netgate Developer)

      I'm trying to push Suricata alert logs to a remote syslog server. Barnyard2 doesn't seem to be working. The only way I can get Suricata alerts to the remote server is to configure Suricata to write to the local system log and then forward the local system log to the remote syslog server.

      Any ideas? Is Barnyard2 broken?

      Need help fast? https://www.netgate.com/support

      • bmeeks @cmcdonald

        @vbman213 said in Suricata Barnyard2 Remote Syslog. Broken?:

        I'm trying to push Suricata alert logs to a remote syslog server. Barnyard2 doesn't seem to be working. The only way I can get Suricata alerts to the remote server is to configure Suricata to write to the local system log and then forward the local system log to the remote syslog server.

        Any ideas? Is Barnyard2 broken?

        Barnyard2 is slowly dying on the vine as the FreeBSD port has not been materially updated in several years. However, it should still run with Suricata and pfSense. Are you sure Barnyard2 is actually starting on the interface? Are there any messages in the pfSense system log relating to Barnyard2?

        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.