[Bro] cluster manager log buffering
Justin Azoff
JAzoff at uamail.albany.edu
Thu Dec 17 13:27:40 PST 2009
Hi all,
I'm working on setting up a single node multi-core bro cluster, and I think I
finally got everything working, except that logs are being buffered on the
manager no matter what I do.
I tried hacking File.cc to change buffered=false,
I tried loading file-flush,
nothing seems to help.
What I'm seeing is that for quiet log files, records are taking about 10
minutes to show up.
The interesting thing is that alarm.log, mail.log, and notice.log are somehow treated differently, and are not being buffered.
How exactly does a print statement in a worker get turned into a file write
call on the manager?
--
-- Justin Azoff
-- Network Performance Analyst
More information about the Bro
mailing list