[Bro] Odd log problem - logs get archived as empty
dnthayer at illinois.edu
Fri Mar 7 10:00:59 PST 2014
On 03/07/2014 11:49 AM, Jeremy Hoel wrote:
> Well so I went to do our other bro installs and noticed that the one
> with the 2.2 fresh install already had the commands but the ones we
> upgraded from 2.1 to 2.2 did not. So eh.. I don't know.
> Plus, the 'broctl config' knew about the commands, but they weren't in
> the .sh file. So I'm not sure how/why that was different. But that is
> probably totally be me not knowing how Bro works in detail.
> I'm just helpful for the quick response of this list and that it wasn't
> something simple that I had missed.
The way broctl works now is that you need to do a
"broctl install" whenever you change the bro or broctl configuration
(i.e., config files or policy scripts). Upgrading bro/broctl
would be considered a configuration change.
More information about the Bro