[Bro] Log rotation and /dev/null with broctl
Justin Azoff
JAzoff at uamail.albany.edu
Mon Oct 18 11:25:40 PDT 2010
On Mon, Oct 18, 2010 at 02:05:09PM -0400, Matthias Vallentin wrote:
> I receive some unexplainable errors using broctl:
>
> 19 Oct 04:42:55 [output] /usr/local/share/broctl/scripts/archive-log: line 49: /home2/bro-logs/2010-10-16//dev/null.07:52:18-00:00:00.gz: No such file or directory
Do you have open_log_file("/dev/null") somewhere in one of your policy
scripts? I don't think that sort of thing works, instead you need to
immediately close a file after opening it...
--
-- Justin Azoff
-- Network Security & Performance Analyst
More information about the Bro
mailing list