[Bro] Cluster setup
Daniel Thayer
dnthayer at illinois.edu
Mon Oct 28 23:50:51 PDT 2013
Did you verify that you can ssh from host-A to host-B without
having to type a password?
Next, on host-B, verify that the partition where /usr/local/spool
is located is not mounted read-only and that there is some free
disk space (broctl is trying to create a directory
in /usr/local/spool on host-B).
On 10/29/2013 01:28 AM, hiren panchasara wrote:
>
> Hi All,
>
> Here is what I am trying to achieve: Incoming traffic on Host-A should
> be sent to worker Host-B (and to more workers in future).
>
> Here is how my config looks like in node.cfg
>
> Manager: Host-A
> Proxy: Host-A
> Worker1: Host-B (which is 10.73.149.31)
>
> I have bro installed on all machines. Now, I start broctl on Host-A:
>
> -bash-4.2$ sudo broctl
> Password:
>
> Welcome to BroControl 1.1
>
> Type "help" for help.
>
> [BroControl] > install
> removing old policies in
> /usr/local/spool/installed-scripts-do-not-touch/site ... done.
> removing old policies in
> /usr/local/spool/installed-scripts-do-not-touch/auto ... done.
> creating policy directories ... done.
> installing site policies ... done.
> generating cluster-layout.bro ... done.
> generating local-networks.bro ... done.
> generating broctl-config.bro ... done.
> updating nodes ... warning: host 10.73.149.31 is not alive
> done.
> [BroControl] > install
> removing old policies in
> /usr/local/spool/installed-scripts-do-not-touch/site ... done.
> removing old policies in
> /usr/local/spool/installed-scripts-do-not-touch/auto ... done.
> creating policy directories ... done.
> installing site policies ... done.
> generating cluster-layout.bro ... done.
> generating local-networks.bro ... done.
> generating broctl-config.bro ... done.
> updating nodes ... done.
> [BroControl] > start
> starting manager ...
> starting proxy-1 ...
> starting worker-1 ...
> cannot create working directory for worker-1 <<-- not sure why I get
> this message.
> [BroControl] >
>
> Do I need to do anything on Worker-1?? Do I need to put it in some
> special mode?
>
> Any help/pointers would be appreciated.
>
> Cheers,
> Hiren
>
>
>
> _______________________________________________
> Bro mailing list
> bro at bro-ids.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro
>
More information about the Bro
mailing list