[Bro] broctl worker-1 cluster problem

jessebort at hushmail.com jessebort at hushmail.com
Thu Aug 29 18:09:00 PDT 2013 

I'm a new bro user and  have tried to find the answer to this, but
have had no luck.  I've got  version 2.1 installed.  I can run bro in
standalone mode with no  problem, but I've tried to install a bro
cluster with worker-1 on a  remote host/VM with the same problem. 
Here is what I've tried to do:

created user jesse on both manager/proxy - 192.168.43.1
   o configured node.cfg for manager and proxy to be 192.168.43.1
   o configured node.cfg for worker-1 to be 192.168.43.130
   o performed ssh-keygen as user jesse
   o copied .ssh/rsa_id.pub to 192.168.43.130
/home/jesse/.ssh/authorized_keys
   o able to ssh as jesse from 192.168.43.1 to 192.168.43.130 with no
required password/passphrase
   o added jesse to /etc/sudoers to do everything root can

created user jesse on worker-1 192.168.43.130 (VM)
   o changed owner of /usr/local/bro to jesse
   o added jesse to /etc/sudoers to do everything root can

as user jesse on manager/proxy > sudo broctl
[BroControl] > install
removing old policies in
/usr/local/bro/spool/installed-scripts-do-not-touch/site ... done.
removing old policies in
/usr/local/bro/spool/installed-scripts-do-not-touch/auto ... done.
creating policy directories ... done.
installing site policies ... done.
generating cluster-layout.bro ... done.
generating local-networks.bro ... done.
generating broctl-config.bro ... done.
updating nodes ... warning: host 192.168.43.130 is not alive   install
waiting for lock ..... ok
removing old policies in
/usr/local/bro/spool/installed-scripts-do-not-touch/site ... done.
removing old policies in
/usr/local/bro/spool/installed-scripts-do-not-touch/auto ... done.
creating policy directories ... done.
installing site policies ... done.
generating cluster-layout.bro ... done.
generating local-networks.bro ... done.
generating broctl-config.bro ... done.
updating nodes ... done.                                              
    diag worker-1
[worker-1]
No work dir found
[BroControl] > start
starting manager ...
starting proxy-1 ...
starting worker-1 ...
cannot create working directory for worker-1                         
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20130829/2882fb72/attachment.html

More information about the Bro mailing list