[Bro-Dev] [JIRA] (BIT-1179) HTTP messages missing in files.log

Robin Sommer (JIRA) jira at bro-tracker.atlassian.net
Thu Apr 10 08:30:07 PDT 2014

    [ https://bro-tracker.atlassian.net/browse/BIT-1179?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16112#comment-16112 ] 

Robin Sommer commented on BIT-1179:

Agree, if that's indeed the reason, it's nothing to fix.

Though the client side of those requests still appears in http.log,
are they parsed before the gap comes on the server side?

Also, I noticed this when comparing against output of when using the
BinPAC++ HTTP analyzer; with that one, they all get reported in
files.log. However, that one doesn't deal with gaps either so not sure
how that comes. I'll take another look later.


> HTTP messages missing in files.log
> ----------------------------------
>                 Key: BIT-1179
>                 URL: https://bro-tracker.atlassian.net/browse/BIT-1179
>             Project: Bro Issue Tracker
>          Issue Type: Problem
>          Components: Bro
>            Reporter: Robin Sommer
>            Assignee: Jon Siwek
>             Fix For: 2.3
> I have a trace with multiple HTTP requests inside a persistent HTTP session. for which only the first two appear in files.log, the remaining ones are missing. Looks like a bug. 

This message was sent by Atlassian JIRA

More information about the bro-dev mailing list