[Bro] DNS logging

Louis F Ruppert lruppert at syr.edu
Thu Nov 12 04:46:05 PST 2009

Mine is set to false here:


(who also spent some time trying to figure this out)

From: bro-bounces at ICSI.Berkeley.EDU [bro-bounces at ICSI.Berkeley.EDU] On Behalf Of Tyler Schoenke [Tyler.Schoenke at colorado.edu]
Sent: Wednesday, November 11, 2009 5:40 PM
To: bro at ICSI.Berkeley.EDU
Subject: [Bro] DNS logging

I noticed that the DNS.log is no longer being created when running the
cluster.  I don't think I changed anything to disable it.  It is still
being loaded by local.bro.  I am running the latest trunk.

$ broctl print DNS::logging

    manager   DNS::logging = F
    proxy-1   DNS::logging = F
   worker-1   DNS::logging = F

The dns.bro script shows logging defaulted to true.  Where is it getting
set to false when the cluster runs?


Tyler Schoenke
Network Security Analyst
IT Security Office
University of Colorado - Boulder
Bro mailing list
bro at bro-ids.org

More information about the Bro mailing list