[Bro] Documentation and getting started.
jmellander at lbl.gov
Mon Oct 16 12:20:28 PDT 2017
Check this link for info on
the bro directory structure that may help you: https://www.bro.org/sphinx/
As far as monitoring a bridged interface, there should be no problem, as
long as bro can access the interface. If you're not running as root, see:
Does tcpdump provide expected output when run against br0?
Hope this helps,
On Mon, Oct 16, 2017 at 9:49 AM, Sniper <daniel_aka_sniper_d at hotmail.com>
> Hello Everyone,
> Is there reference page on all the default installation directory
> locations are by any chance? $PREFIX just makes it a very long process
> establishing where all the files are located. If not, I think this would
> be excellent for beginners like me.
> Also, I have created a bridge interface that I want to monitor using
> ubuntu/bro by connecting two hosts, for some reason I can't seem to
> generate any logs in /usr/local/bro/logs/ (no 'current' folder when bro
> is started as in the documentation). Is this even possible to monitor a
> bridge interface using bro on the same host? I have already changed
> node.cfg interface to br0.
> There are no tutorials nowhere on how to actually get started, tried to
> follow the instructions but still no luck, ive been wasting days on
> this. If someone could point me in the right direction i'll greatly
> appreciate it.
> Kind regards
> This email has been checked for viruses by Avast antivirus software.
> Bro mailing list
> bro at bro-ids.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Bro