[Bro-Dev] #548: broctl brokenness multi-ticket

Bro Tracker bro at tracker.bro-ids.org
Tue Aug 9 22:28:23 PDT 2011


#548: broctl brokenness multi-ticket
-------------------------+--------------------
  Reporter:  seth        |      Owner:
      Type:  Problem     |     Status:  new
  Priority:  Normal      |  Milestone:  Bro1.6
 Component:  BroControl  |    Version:
Resolution:              |   Keywords:  beta
-------------------------+--------------------
Description changed by seth:

Old description:

> My updates to fix bro/broctl integration are in topic/various-updates.
> Those updates do not fix these issues however (and any help would be
> greatly appreciated)....
>
> - "check" command is broken.  The Bro instance that the check-config
> script starts up doesn't die.
>
> - Potential problem with node naming.  Names like this "nids-27A" would
> start, but broctl wouldn't know afterward that the instance was running
> (even though it was).
>
> - File rotation needs to be disabled when not running on live traffic
> (for the new process command primarily).
>
> - "scripts" command needs to be fixed.  Maybe it should run bro and print
> the loaded_scripts.log file to the output?

New description:

 My updates to fix bro/broctl integration are in topic/various-updates.
 Those updates do not fix these issues however (and any help would be
 greatly appreciated)....

 - "check" command is broken.  The Bro instance that the check-config
 script starts up doesn't die.

 - Potential problem with node naming.  Names like this "nids-27A" would
 start, but broctl wouldn't know afterward that the instance was running
 (even though it was).

 - File rotation needs to be disabled when not running on live traffic (for
 the new process command primarily).

 - "scripts" command needs to be fixed.  Maybe it should run bro and print
 the loaded_scripts.log file to the output?

 - Problem with file rotation
     - There are three different styles of file names being created right
 now depending on if Bro crashed and was restarted or if files were rotated
 normally, and another file name in an unknown case.  Here are the example
 files names:
       - syslog.20:00:00-21:00:00.gz
       - syslog.2011-08-09-13-00-00.log.12:29:45-13:44:59.gz
       - syslog.log.12:20:22-12:28:42.gz

--

-- 
Ticket URL: <http://tracker.bro-ids.org/bro/ticket/548#comment:2>
Bro Tracker <http://tracker.bro-ids.org/bro>
Bro Issue Tracker



More information about the bro-dev mailing list