[Bro] Binpac exception
James Lay
jlay at slave-tothe-box.net
Fri Jul 18 15:51:05 PDT 2014
I added the below to remove syslog from getting logged in my local.bro,
and I do not have a syslog.log as wanted:
event bro_init()
    {
    Log::disable_stream(Syslog::LOG);
    }
However I am seeing a large amount of the below in weird.log:
1405648595.773644 Comss94xWJf5CHpgnl 10.1.2.72 54619
10.21.0.23 514 binpac exception: string mismatch at
/bro-2.3/src/analyzer/protocol/syslog/syslog-protocol.pac:8:
\x0aexpected pattern: "[[:digit:]]+"\x0aactual data: "syslog message
here" - F bro
My start line:
/usr/local/bin/bro --no-checksums -i eth0 local "Site::local_nets += {
192.168.1.0/24 }"
Is there a way I can troubleshoot this? Thank you.
James
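
Added example, not part of the original post: a small Python triage script that groups the binpac exceptions in weird.log by .pac location and sender, keeping one sample of the data the parser rejected. The column order is taken from the log line quoted above; the sample rows, uids, second sender and function names are constructed for illustration.

```python
import re
from collections import Counter

# weird.log columns, in the order seen in the post (tab-separated):
# ts, uid, orig_h, orig_p, resp_h, resp_p, name, addl, notice, peer
BINPAC_RE = re.compile(
    r'binpac exception: (?P<kind>.+?) at (?P<where>\S+?):\s*'
    r'\\x0aexpected pattern: "(?P<expected>.*?)"'
    r'\\x0aactual data: "(?P<actual>.*)"'
)

def row(*cols):
    """Build one tab-separated log row."""
    return "\t".join(cols)

# Constructed sample rows (uids and the second sender are made up).
EXC = (r'binpac exception: string mismatch at '
       r'/bro-2.3/src/analyzer/protocol/syslog/syslog-protocol.pac:8: '
       r'\x0aexpected pattern: "[[:digit:]]+"'
       r'\x0aactual data: "syslog message here"')
SAMPLE = "\n".join([
    "#fields\tts\tuid\t(header lines are skipped)",
    row("1405648595.773644", "CuidA", "10.1.2.72", "54619",
        "10.21.0.23", "514", EXC, "-", "F", "bro"),
    row("1405648596.101000", "CuidB", "10.1.2.72", "54619",
        "10.21.0.23", "514", EXC, "-", "F", "bro"),
    row("1405648597.200000", "CuidC", "10.1.2.80", "40000",
        "10.21.0.23", "514", EXC, "-", "F", "bro"),
    row("1405648598.300000", "CuidD", "10.1.2.90", "5353",
        "10.21.0.23", "53", "dns_unmatched_reply", "-", "F", "bro"),
])

def summarize(text):
    """Count binpac exceptions per (.pac location, sender, receiver)."""
    counts, samples = Counter(), {}
    for line in text.splitlines():
        cols = line.split("\t")
        if line.startswith("#") or len(cols) < 7:
            continue
        m = BINPAC_RE.search(cols[6])
        if m:
            key = (m["where"], cols[2], cols[4] + ":" + cols[5])
            counts[key] += 1
            samples.setdefault(key, (m["expected"], m["actual"]))
    return counts, samples

if __name__ == "__main__":
    counts, samples = summarize(SAMPLE)
    for key, n in counts.most_common():
        print(n, key, samples[key])
```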