Hi,<br><br>I am trying to run bro on trace file specifically on the tcpdump file provided in bro workshop.<br><br>url<br><br><a href="http://www.bro-ids.org/bro-workshop-2007/exercises/exercise1.html">http://www.bro-ids.org/bro-workshop-2007/exercises/exercise1.html
</a><br><br>but I was unable run that giving me command not found.<br><br>sample of my output is<br><br>
In the url<br>
<br>
<a href="http://www.bro-ids.org/bro-workshop-2007/exercises/exercise1-solution.html">http://www.bro-ids.org/bro-workshop-2007/exercises/exercise1-solution.html</a><br>
<br>
they asked to create local.bro<br>
<br>
I created that file<br>
<br>
Then they asked to run some analyzer<br>
<br>
they asked to use setenv and bro -r<br>
<br>
I used to them but giving me command not found.<br>
<br>
<br>
loud@1006kro:/usr/local/bro$ sudo vim local.bro<br>
loud@1006kro:/usr/local/bro$ ls<br>
archive  etc      lib        logs  policy   scripts  site            var<br>
bin      include  local.bro  perl  reports  share    trace1.tcpdump<br>
loud@1006kro:/usr/local/bro$ cat local.bro <br>
redef local_nets: set[subnet] = {<br>
        <a href="http://10.20.1.0/24">10.20.1.0/24</a>,<br>
};<br>
loud@1006kro:/usr/local/bro$ sudo setenv BROPATH =<br>
/usr/local/bro/site/:/usr/local/bro/policy/:/usr/local/bro/policy/sigs<br>
sudo: setenv: command not found<br>
loud@1006kro:/usr/local/bro$  setenv BROPATH =<br>
/usr/local/bro/site/:/usr/local/bro/policy/:/usr/local/bro/policy/sigs<br>
bash: setenv: command not found<br>
loud@1006kro:/usr/local/bro$ bro -r trace1.tcpdump  local tcp alarm wierd<br>
bash: bro: command not found<br>
loud@1006kro:/usr/local/bro$ <br>
<br>
<br>
are those commands depend on the directory I am present.<br>
<br>In which directory do I need to run that command.<br><br>Thanks,<br>KM.<br>