Radu Surugiu

Well, configuration is validated but now after restarting system I get an error in barnyard2, warning can't extract timestamp extension from 'merged.log' using base 'merged.log'. I really dont know where to go from there, maybe I should do a fresh install (instead of update from old version) with latest version (2990)? when I installed it initially I did not run in so many errors. Thank you

It worked. But then I got another error on line 509, blacklist $BLACK_LIST_PATH/black_list.rules because in rules folder the black_list.rules file does not exist, it is now bkacklist.rules, so I had to change to blacklist $BLACK_LIST_PATH/blacklist.rules, and now the configuration was validated. Thank you again.

I did the upgrade, I think I followed all steps, but now when testing snort.conf I am getting a fatal error ERROR: d:\winids\snort\etc\snort.conf(326) => Invalid keyword '}' for server configuration. Thank you, I am using the version 2.9.9.0 that I downloaded yesterday.

I changed the version of snort in the pulledpork.conf file to 2.9.8.0 and now it is downloading. I still have the version of snort I installed probably 9 month ago, 2.9.7.5. My understanding is they should match, but aparently version 2.9.7.5 of the rules does not esist anymore. Does it mean I have to upgrade all the time Snort to a newer version to make this work? Thank you,

Yes, sorry my mistake, I corrected the error (was missing snort _version which is 2.9.7.5 in my case and now I am getting error 422 when fetching snortrules-snapshot-2975.tar.gz.md5 at pulledpork.pl line 517 I will check again all pulledpork.conf file

trying to update rules with Pulledpork after following tutorial 'uname' is not recognized as an intenal or external command. The specified Snort binary does not exist. Please correct the value or specify the FULL rules tarball name in pulledpork.conf! at d:\winids\pulledpork\pulledpork.pl line 1932