[Bro] Nodes are running but no logs associated to network traffic going to <prefix>/logs/current/
charlie.holiday at gmail.com
Thu Jun 18 13:39:42 PDT 2015
Just completed installing BRO on a new Dell PowerEdge R420 with a Intel
X520 DP 10Gb DA/SFP+ Server Adapter.
I setup BRO as a cluster on this system in order to use pf_ring to spread
the load across multiple cores. This setup has worked great for other
systems in my environment with the only difference being this new system is
using 10Gb SFP+ adapters.
Any ideas on what might be causing this issue would be greatly appreciated.
Below is some information on what I am seeing:
communication.log notice.log stderr.log stdout.log weird.log
[BroControl] > status
Name Type Host Status Pid Peers Started
manager manager localhost running 21170 5 18 Jun
proxy-1 proxy localhost running 21195 5 18 Jun
worker-1-1 worker localhost running 21257 2 18 Jun
worker-1-2 worker localhost running 21254 2 18 Jun
worker-1-3 worker localhost running 21256 2 18 Jun
worker-1-4 worker localhost running 21255 2 18 Jun
[BroControl] > netstats
worker-1-1: 1434659737.208884 recvd=147334297 dropped=2080 link=147336423
worker-1-2: 1434659737.408838 recvd=147338710 dropped=405 link=147339135
worker-1-3: 1434659737.608633 recvd=147342307 dropped=792 link=147343135
worker-1-4: 1434659737.808998 recvd=147347149 dropped=318 link=147347519
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Bro