[Bro-Dev] #603: Checking correctness of logs

Bro Tracker bro at tracker.bro-ids.org
Fri Sep 9 07:18:54 PDT 2011


#603: Checking correctness of logs
------------------------+--------------------
 Reporter:  robin       |       Type:  Task
   Status:  new         |   Priority:  Normal
Milestone:  Bro1.6      |  Component:  Bro
  Version:  git/master  |
------------------------+--------------------
 Before we release the final 2.0, we really need to do a rather
 thorough check of the logs to make sure they are correct. The way I
 picture doing that is that everybody picks connections at random and
 manually checks that the logs report what he'd expect from examining
 the raw payload with tcdpump/wireshark/strings/whatever. That's pretty
 painful but I don't really see a better way. Thoughts welcome.



 --
 Robin Sommer * Phone +1 (510) 722-6541 * robin at icir.org
 ICSI/LBNL    * Fax   +1 (510) 666-2956 *   www.icir.org

-- 
Ticket URL: <http://tracker.bro-ids.org/bro/ticket/603>
Bro Tracker <http://tracker.bro-ids.org/bro>
Bro Issue Tracker



More information about the bro-dev mailing list