airblainer

Baryard2 service starts then stops

2 posts in this topic

Hi!

Thank you for the amazing tutorial! I searched and found another user with this same issue I'm having in the posts.He said he modified the VB script and the only vb script I saw was modder.vbs - and it was true it referenced drive d: throughout. I use drive c so I modified that script, BUT still no luck.

c:\winids\activators\by2-test returns success as it should: (I think)

>c:\winids\barnyard2\barnyard2.exe -c c:\winids\barnyard2\etc\barnyard2.conf -d c:\winids\snort\log -f merged.log -l c:\winids\barnyard2 -w c:\winids\snort\log\barnyard.wald
Running in Test mode

        --== Initializing Barnyard2 ==--
Initializing Input Plugins!
Initializing Output Plugins!
Parsing config file "c:\winids\barnyard2\etc\barnyard2.conf"


+[ Signature Suppress list ]+
----------------------------
+[No entry in Signature Suppress List]+
----------------------------
+[ Signature Suppress list ]+

Barnyard2 spooler: Event cache size set to [32768]
INFO database: Defaulting Reconnect/Transaction Error limit to 10
INFO database: Defaulting Reconnect sleep time to 5 second

[CacheSynchronize()],INFO: No system was found in cache (from signature map file), will not process or synchronize informations found in the database

database: compiled support for (postgresql)
database: configured to use mysql
database: schema version = 107
database:           host = winids
database:           user = snort
database:  database name = snort
database:    sensor name = WinIDS-Home
database:      sensor id = 1
database:     sensor cid = 1
database:  data encoding = hex
database:   detail level = full
database:     ignore_bpf = no
database: using the "log" facility

        --== Initialization Complete ==--

  ______   -*> Barnyard2 <*-
 / ,,_  \  Version 2.1.14 (Build 337)
 |o"  )~|  By Ian Firns (SecurixLive): http://www.securixlive.com/
 + '''' +  (C) Copyright 2008-2013 Ian Firns <firnsy@securixlive.com>


Barnyard2 successfully loaded configuration file!
Barnyard2 exiting
database: Closing connection to database "snort"

There is nothing in event viewer referencing this crash.

when I try net start baryard2:

C:\>net start barnyard2
The Barnyard2 service is starting.
The Barnyard2 service could not be started.

The service did not report an error.

More help is available by typing NET HELPMSG 3534.

Is there anywhere else to look? Does anyone have any ideas?

Thank you in advance!

~Blaine

Share this post


Link to post
Share on other sites

You have a non-standard path assigned. I'm betting you failed to edit one of the .reg files to match your path.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now