[Bro-Dev] #768: Inline monitoring of modified scripts.
Bro Tracker
bro at tracker.bro-ids.org
Wed Feb 15 07:27:02 PST 2012
#768: Inline monitoring of modified scripts.
------------------------+------------------------
Reporter: seth | Owner:
Type: Problem | Status: new
Priority: Normal | Milestone: Bro2.1
Component: BroControl | Version: git/master
Keywords: |
------------------------+------------------------
We need to train users to do check, install, restart through broctl
better. I'd like to reduce the barrier to entry a bit more and if broctl
can coach new users through the process better and remind existing users
of the process it would be great.
Here are my suggestions for what I think needs to be done:
- Track hashes for all copied scripts (maybe in broctl.dat?) and watch for
changes to notify the user. I think it would be ok to only notify the
user when they are in broctl but I can see that people may want that to
also check and occasionally email from broctl cron (let's save emailing
for later though, inline notification in broctl may be enough).
- Track hashes for scripts that have been "checked" because then we can
coach people about what step in the process they are at. If someone has
already run "check" on the current scripts we can recommend that they need
to
- Create variables to turn off various suggestions. I think the various
suggestions would be "need to check scripts", "need to install scripts",
and "ready to restart" or something along those lines. I'm not even sure
I like this idea though.
--
Ticket URL: <http://tracker.bro-ids.org/bro/ticket/768>
Bro Tracker <http://tracker.bro-ids.org/bro>
Bro Issue Tracker
More information about the bro-dev
mailing list