How do I extract tcpdump / wireshark / lib pcap formatted data from snort unified logs using barnyard?

by n0b0dy

How do I extract tcpdump / wireshark / lib pcap formatted data from snort unified logs using barnyard?

step 1: barnyard -c /path/to/barnyard.with.pcap.output.specified.conf -L /output/directory -s /path/to/sid-msg.map -g /path/to/gen-msg.map -p /path/to/classification.config -o /path/to/snort.log.123456789 step 2: wipe hands on pants.

Read more of The Yak's Frequently Questioned Answers (mod.2010-02-10)

428. What is emo surfing (emosurfing)? [jake/2006-01-21]
360. How can I keep my Alcohol-Laced Yak Beverage cold on a hot, sunny day? [goodwill/2003-06-02]
343. How can I patch my in kernel PCMCIA orinoco drivers so that I may change my MAC address/enter MonMode? (and use kismet, airsnort and the like...) [jake/2002-12-19]
322. how do i verify an address in sendmail? [jesse/2002-08-30]
307. Where the hell is #yak? [vonguard/2002-02-07]
237. how do i setup lm_sensors on an abit vp6 mobo? [jesse/2001-07-08]
204. Now that Mir's gone, where can I find images and information about the station and its reentry? [rupe/2001-03-22]
184. Just how many people are their, anyway? [les/2001-02-22]
170. Where can I find the Linux Kernel Wishlist? [rupe/2001-01-31]
110. How can I download a new ringtone to my SMS capable phone without having net access? [rupe/2000-07-09]
70. How can I get info from my (email-capable) cellfon? [robey/2000-02-29]
65. Where can I get help with my Physics homework? [strick/2000-02-22]
53. Why is strick's favorite composer Dennis Báthory-Kitsz? [strick/2001-05-13]