Flonkbob Posted September 15, 2014 Report Posted September 15, 2014 Okay, this is the second time I've run into this. I had the exact same results when I did the install using IIS and MySQL. I built by following line-for-line the posted instructions. Barnyard, snort winsql checks were all successful. Base starts up properly. Base shows ONLY updates from the first day it was running The base home page (and any other pages I open) shows the red 'events updated' message periodically in the upper part of the page. I get nothing, however, when I click on the menu items for Today's events or date limited searches. I'm guessing it has something to do with base configuration, but I don't know what it might be. Any ideas are welcome, I'd be more than happy to try anything you can suggest. Flonk
Morpheus Posted September 18, 2014 Report Posted September 18, 2014 So the events are being logged but the date is not being updated?
Flonkbob Posted October 2, 2014 Author Report Posted October 2, 2014 So the events are being logged but the date is not being updated? Correct. However, I have found that over time (way over a WEEK), it did catch up with itself.
Morpheus Posted October 2, 2014 Report Posted October 2, 2014 I ended up deleteing the log files to get it to correctly update the date. The events were correct but didn't have the correct date. I believe this is due to a corrupted waldo file. To fix; use the Windows Intrusion Detection Systems security console and delete all the events. Stop snort and Barnyard2 from the Task Manager, Go into the d:\winids\snort\logs folder, delete all the files, and reboot.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now