[Bro] help required in logs with bro

Yagyesh Srivastava ysrivas at ncsu.edu
Wed Nov 23 12:25:33 PST 2016


I have downloaded bro and built it on a VM, using configure, make and make
Then i ran broctl install and deploy.
when i run broctl using "sudo broctl start" and subsequently issue "sudo
broctl status", it shows bro running as standalone on localhost.

my /nsm/bro/etc/nod.cfg file has
type = standalone
host = localhost
interface = eth0

Now when i try to connect to internet using my vm browser
or i curl to localhost (which has apache server running and after making
node.cfg file to hear on interface loopback) in either of the cases i
cannot see any logs getting generated.

*can someone please help me with this issue?*I dont think bro is sniffing
on the correct interface , there is something trivial i am guessing which
is going wrong. Please provide any pointers if possible.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20161123/502df060/attachment.html 

More information about the Bro mailing list