[Bro-Dev] Bro 2.6-beta plans

Azoff, Justin S jazoff at illinois.edu
Thu Sep 6 12:41:48 PDT 2018

> On Sep 5, 2018, at 6:35 PM, Jon Siwek <jsiwek at corelight.com> wrote:
> There's no significant code changes/features planned to get added to
> the master branch from now until the 2.6-beta gets released (maybe in
> about a week).  Until that happens, please help test the latest master
> branch and provide any feedback about how it's working if you can.
> - Jon
> _______________________________________________
> bro-dev mailing list
> bro-dev at bro.org
> http://mailman.icsi.berkeley.edu/mailman/listinfo/bro-dev

I just got 2 clusters upgraded from 

fa7fa5aa to

And now everything is broken..

cpu and memory are through the roof across the board, as well as network traffic, but it's not logging much.

I may have created a message loop replacing the relay_rr stuff, but it's kind of hard to tell.

I'll do some more testing but so far this is the first issue I've ran into in months.

I guess one observation is that it is really hard to tell what bro/broker are doing.   Before you could minimally
tcpdump the communication and see what events were being sent back and forth, but now that is encrypted.

Justin Azoff

More information about the bro-dev mailing list