[Bro] huge weird.log/conn.log
Azoff, Justin S
jazoff at illinois.edu
Thu Dec 1 09:48:31 PST 2016
> On Dec 1, 2016, at 11:24 AM, erik clark <philosnef at gmail.com> wrote:
> Hmm. I note that I am actually, in a given hour, getting 25-30% less logs from http.log.
> Are there any guides to tuning Bro to work with af_packet?
Step 1: ensure that you can use af_packet in the first place:
It looks like your current setup is not working.
- Justin Azoff
More information about the Bro