[Bro] Field value missing
Javier Richard Quinto Ancieta
richardqa at gmail.com
Sun Mar 29 20:55:44 PDT 2015
I am new to Bro, and I hope you can help me.
I read the following documentation:
Exactly, this part of the code:
hook Notice::policy(n: Notice::Info)
( n$note == SSH::Password_Guessing && n$id$resp_h == 10.0.0.1
And write it in the file ../local.bro
But, when I generate an attack to IP (10.0.0.1), and I got an error: "*field
value missing [n$id]*" .
I use *bro -i eth0 local *to debug logs in live
I did many changes, also I use "$id?$resp_h" to check errors, and i got the
same error. I am sorry but I am new with Bro and I would like to know How
can I fix that?.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Bro