[Bro] cluster VS single instance - different results
william de ping
bill.de.ping at gmail.com
Sun Jul 23 06:19:44 PDT 2017
I know issues related to this exists out there, but I havent manage to fix
The issue is that a single bro instance produces relevant logs upon
listening to interface eth0.
Yet broctl configured with a single worker that is listening to the same
interface, running the same scripts, fail to produce relevant log files.
I tried setting ignore_checksum = T and I have tried to run bro worker the
way broctl runs it.
Can anyone think of an explanation for this issue ?
Both single instance and single worker have the same additional scripts..
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Bro