[Bro-Dev] #603: Checking correctness of logs

Bro Tracker bro at tracker.bro-ids.org
Fri Sep 9 07:52:15 PDT 2011


#603: Checking correctness of logs
---------------------+------------------------
  Reporter:  robin   |      Owner:
      Type:  Task    |     Status:  new
  Priority:  Normal  |  Milestone:  Bro1.6
 Component:  Bro     |    Version:  git/master
Resolution:          |   Keywords:
---------------------+------------------------

Comment (by gregor):

 On 9/9/11 7:18 , Bro Tracker wrote:
 >  Before we release the final 2.0, we really need to do a rather
 >  thorough check of the logs to make sure they are correct. The way I
 >  picture doing that is that everybody picks connections at random and
 >  manually checks that the logs report what he'd expect from examining
 >  the raw payload with tcpdump/wireshark/strings/whatever. That's pretty
 >  painful but I don't really see a better way. Thoughts welcome.

 Additionally, comparing to the output of Bro-1.5 is also a (less painful)
 option.

 cu
 Gregor

-- 
Ticket URL: <http://tracker.bro-ids.org/bro/ticket/603#comment:0>
Bro Tracker <http://tracker.bro-ids.org/bro>
Bro Issue Tracker


