[Bro] Brownian Demo Site

Seth Hall seth at icir.org
Fri Aug 10 11:26:12 PDT 2012


On Aug 10, 2012, at 1:28 AM, Vlad Grigorescu <vladg at cmu.edu> wrote:

> http://brownian.bro-ids.org/?time=all


I do want to point out some small things about that demo site.  It's hosted on a virtual machine and it seems to be running slower than I would expect.  My experience in other cases with many, many more logs has shown much better performance than that and I still can't explain the slowness except that rendering the logs is taking too long.  There may also be other users hitting the site at the same time as you, which could result in even further slowdowns.

My recommendation if you are interested in seeing how it really performs would be to try it locally with Vlad's installation instructions:
	https://github.com/grigorescu/Brownian/blob/master/README.md

There are instructions for using the elasticsearch plugin in our beta and git repository master branch here:
	http://git.bro-ids.org/bro.git/blob/HEAD:/doc/logging-elasticsearch.rst
	
In particular, pay attention to the section that talks about this script (for automatically logging to text logs and Elasticsearch at the same time):
	tuning/logs-to-elasticsearch.bro

Have fun and remember that we are declaring the Elasticsearch plugin as "in testing" for the 2.1 release.  Thanks for Brownian, Vlad!

  .Seth

--
Seth Hall
International Computer Science Institute
(Bro) because everyone has a network
http://www.bro-ids.org/




