[Bro] Cluster setup
hiren panchasara
hiren.panchasara at gmail.com
Mon Oct 28 23:28:12 PDT 2013
Hi All,
Here is what I am trying to achieve: Incoming traffic on Host-A should
be sent to worker Host-B (and to more workers in future).
Here is how my config looks like in node.cfg
Manager: Host-A
Proxy: Host-A
Worker1: Host-B (which is 10.73.149.31)
I have bro installed on all machines. Now, I start broctl on Host-A:
-bash-4.2$ sudo broctl
Password:
Welcome to BroControl 1.1
Type "help" for help.
[BroControl] > install
removing old policies in
/usr/local/spool/installed-scripts-do-not-touch/site ... done.
removing old policies in
/usr/local/spool/installed-scripts-do-not-touch/auto ... done.
creating policy directories ... done.
installing site policies ... done.
generating cluster-layout.bro ... done.
generating local-networks.bro ... done.
generating broctl-config.bro ... done.
updating nodes ... warning: host 10.73.149.31 is not alive
done.
[BroControl] > install
removing old policies in
/usr/local/spool/installed-scripts-do-not-touch/site ... done.
removing old policies in
/usr/local/spool/installed-scripts-do-not-touch/auto ... done.
creating policy directories ... done.
installing site policies ... done.
generating cluster-layout.bro ... done.
generating local-networks.bro ... done.
generating broctl-config.bro ... done.
updating nodes ... done.
[BroControl] > start
starting manager ...
starting proxy-1 ...
starting worker-1 ...
cannot create working directory for worker-1 <<-- not sure why I get
this message.
[BroControl] >
Do I need to do anything on Worker-1?? Do I need to put it in some special
mode?
Any help/pointers would be appreciated.
Cheers,
Hiren
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20131028/78294374/attachment.html
More information about the Bro
mailing list