[Bro] how to run on trace files
nweaver at ICSI.Berkeley.EDU
Thu Dec 20 12:55:06 PST 2007
On Thu, Dec 20, 2007 at 02:40:06PM -0500, kanthi myneni composed:
> I am sorry I didnt get it. I am not that much familiar with linux commands .
> I tried to do so but getting same output
> loud at 1006kro:/$ BROHOME = /usr/local/bro/
> bash: BROHOME: command not found
> loud at 1006kro:/$ BROPATH = $/usr/local/bro/site
> bash: BROPATH: command not found
> loud at 1006kro:/$ PATH = /usr/local/bro/bin:SPATH
> bash: PATH: command not found
No spaces, sorry
> Kanthi Myneni.
> On Dec 20, 2007 2:10 PM, Nicholas Weaver <nweaver at icsi.berkeley.edu> wrote:
> > Setenv is the TCSH syntax for setting environment variables.
> > For bash, you do
> > BROHOME=/usr/local/bro
> > BROPATH=$BROHOME/site:$BROHOME/policy:$BROHOME/sigs
> > Also, you need to set your path to include bro
> > PATH=/usr/local/bro/bin:$PATH
> > > loud at 1006kro:/usr/local/bro$ bro -r trace1.tcpdump local tcp alarm wierd
> > > bash: bro: command not found
> > > loud at 1006kro:/usr/local/bro$
> > >
> > >
> > > are those commands depend on the directory I am present.
> > >
> > > In which directory do I need to run that command.
> > >
> > > Thanks,
> > > KM.
> > > _______________________________________________
> > > Bro mailing list
> > > bro at bro-ids.org
> > > http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro
> > --
> > Nicholas C. Weaver nweaver at icsi.berkeley.edu
> > This message has been ROT-13 encrypted twice for higher security.
Nicholas C. Weaver nweaver at icsi.berkeley.edu
This message has been ROT-13 encrypted twice for higher security.
More information about the Bro