[Bro-Dev] Trouble with getting Bro 2.2 private analyzer to write logs on current master
james.swaro at gmail.com
Tue Jun 16 19:22:23 PDT 2015
I have a TCP analyzer that I wrote for my master thesis which I'm trying to
update to the latest version of Bro. After rebasing to the trunk, I
observed only a few collisions. I resolved the collisions and but something
seems to have changed with how the logs are written. Are there changes in
the logging framework between Bro 2.2 and the current master which could
influence how events are generated? Could this be a change in how packets
are delivered to TCP child/support/application analyzers?
I am only guessing at things as I haven't had much time to debug why the
logs aren't being generated. From some quick debug, I can see that the
analyzer is still being added to TCP as a child analyzer, so it seems
related to either delivery or event generation.
I know this is little information to go on. I can provide more information
Internetworking Research Group
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the bro-dev