[Bro] Notifications from Local.bro

Bernhard Amann bernhard at ICSI.Berkeley.EDU
Mon May 19 22:57:25 PDT 2014


HTTP::Incorrect_File_Type was removed with an overhaul of the files 
framework even before 2.2, if I read the git commit log correctly. So - 
you probably just want to remove that one from your script.

Bernhard

On 19 May 2014, at 22:39, Damon Rouse wrote:

> Here’s the output of the diag after I uncommented redef and 
> restarted BRO.  Not sure why it’s saying the 
> HTTP::Incorrect_File_Type is an unknown identifier.  Thanks for your 
> help
>
> Damon
>
> sudo broctl diag
> waiting for lock ..... ok
> [manager]
>
> Bro 2.2
> Linux 3.2.0-61-generic
>
>
> ==== No reporter.log
>
> ==== stderr.log
> error in /nsm/bro/spool/installed-scripts-do-not-touch/site/local.bro, 
> line 99: unknown identifier HTTP::Incorrect_File_Type, at or near 
> "HTTP::Incorrect_File_Type"
>
> ==== stdout.log
> unlimited
> unlimited
> unlimited
>
> ==== .cmdline
> -U .status -p broctl -p broctl-live -p local -p manager local.bro 
> broctl base/frameworks/cluster local-manager.bro broctl/auto
>
> ==== .env_vars
> PATH=/opt/bro/bin:/opt/bro/share/broctl/scripts:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
> BROPATH=/nsm/bro/spool/installed-scripts-do-not-touch/site::/nsm/bro/spool/installed-scripts-do-not-touch/auto:/opt/bro/share/bro:/opt/bro/share/bro/policy:/opt/bro/share/bro/site
> CLUSTER_NODE=manager
>
> ==== .status
> TERMINATED [atexit]
>
> ==== No prof.log
>
> ==== No packet_filter.log
>
> ==== No loaded_scripts.log
> [proxy]
>
> Bro 2.2
> Linux 3.2.0-61-generic
>
>
> ==== No reporter.log
>
> ==== No stderr.log
>
> ==== No stdout.log
>
> ==== No .cmdline
>
> ==== No .env_vars
>
> ==== No .status
>
> ==== No prof.log
>
> ==== No packet_filter.log
>
> ==== No loaded_scripts.log
> [essorgso-eth1-1]
>
> Bro 2.2
> Linux 3.2.0-61-generic
>
>
> ==== No reporter.log
>
> ==== No stderr.log
>
> ==== No stdout.log
>
> ==== No .cmdline
>
> ==== No .env_vars
>
> ==== No .status
>
> ==== No prof.log
>
> ==== No packet_filter.log
>
> ==== No loaded_scripts.log
> [essorgso-eth1-2]
>
> Bro 2.2
> Linux 3.2.0-61-generic
>
>
> ==== No reporter.log
>
> ==== No stderr.log
>
> ==== No stdout.log
>
> ==== No .cmdline
>
> ==== No .env_vars
>
> ==== No .status
>
> ==== No prof.log
>
> ==== No packet_filter.log
>
> ==== No loaded_scripts.log
> [essorgso-eth1-3]
>
> Bro 2.2
> Linux 3.2.0-61-generic
>
>
> ==== No reporter.log
>
> ==== No stderr.log
>
> ==== No stdout.log
>
> ==== No .cmdline
>
> ==== No .env_vars
>
> ==== No .status
>
> ==== No prof.log
>
> ==== No packet_filter.log
>
> ==== No loaded_scripts.log
> [essorgso-eth1-4]
>
> Bro 2.2
> Linux 3.2.0-61-generic
>
>
> ==== No reporter.log
>
> ==== No stderr.log
>
> ==== No stdout.log
>
> ==== No .cmdline
>
> ==== No .env_vars
>
> ==== No .status
>
> ==== No prof.log
>
> ==== No packet_filter.log
>
> ==== No loaded_scripts.log
> [essorgso-eth1-5]
>
> Bro 2.2
> Linux 3.2.0-61-generic
>
>
> ==== No reporter.log
>
> ==== No stderr.log
>
> ==== No stdout.log
>
> ==== No .cmdline
>
> ==== No .env_vars
>
> ==== No .status
>
> ==== No prof.log
>
> ==== No packet_filter.log
>
> ==== No loaded_scripts.log
> [essorgso-eth1-6]
>
> Bro 2.2
> Linux 3.2.0-61-generic
>
>
> ==== No reporter.log
>
> ==== No stderr.log
>
> ==== No stdout.log
>
> ==== No .cmdline
>
> ==== No .env_vars
>
> ==== No .status
>
> ==== No prof.log
>
> ==== No packet_filter.log
>
> ==== No loaded_scripts.log
> [essorgso-eth1-7]
>
> Bro 2.2
> Linux 3.2.0-61-generic
>
>
> ==== No reporter.log
>
> ==== No stderr.log
>
> ==== No stdout.log
>
> ==== No .cmdline
>
> ==== No .env_vars
>
> ==== No .status
>
> ==== No prof.log
>
> ==== No packet_filter.log
>
> ==== No loaded_scripts.log
> [essorgso-eth1-8]
>
> Bro 2.2
> Linux 3.2.0-61-generic
>
>
> ==== No reporter.log
>
> ==== No stderr.log
>
> ==== No stdout.log
>
> ==== No .cmdline
>
> ==== No .env_vars
>
> ==== No .status
>
> ==== No prof.log
>
> ==== No packet_filter.log
>
> ==== No loaded_scripts.log
> [essorgso-eth2-1]
>
> Bro 2.2
> Linux 3.2.0-61-generic
>
>
> ==== No reporter.log
>
> ==== No stderr.log
>
> ==== No stdout.log
>
> ==== No .cmdline
>
> ==== No .env_vars
>
> ==== No .status
>
> ==== No prof.log
>
> ==== No packet_filter.log
>
> ==== No loaded_scripts.log
> [essorgso-eth2-2]
>
> Bro 2.2
> Linux 3.2.0-61-generic
>
>
> ==== No reporter.log
>
> ==== No stderr.log
>
> ==== No stdout.log
>
> ==== No .cmdline
>
> ==== No .env_vars
>
> ==== No .status
>
> ==== No prof.log
>
> ==== No packet_filter.log
>
> ==== No loaded_scripts.log
> [essorgso-eth2-3]
>
> Bro 2.2
> Linux 3.2.0-61-generic
>
>
> ==== No reporter.log
>
> ==== No stderr.log
>
> ==== No stdout.log
>
> ==== No .cmdline
>
> ==== No .env_vars
>
> ==== No .status
>
> ==== No prof.log
>
> ==== No packet_filter.log
>
> ==== No loaded_scripts.log
> [essorgso-eth2-4]
>
> Bro 2.2
> Linux 3.2.0-61-generic
>
>
> ==== No reporter.log
>
> ==== No stderr.log
>
> ==== No stdout.log
>
> ==== No .cmdline
>
> ==== No .env_vars
>
> ==== No .status
>
> ==== No prof.log
>
> ==== No packet_filter.log
>
> ==== No loaded_scripts.log
> [essorgso-eth2-5]
>
> Bro 2.2
> Linux 3.2.0-61-generic
>
>
> ==== No reporter.log
>
> ==== No stderr.log
>
> ==== No stdout.log
>
> ==== No .cmdline
>
> ==== No .env_vars
>
> ==== No .status
>
> ==== No prof.log
>
> ==== No packet_filter.log
>
> ==== No loaded_scripts.log
> [essorgso-eth2-6]
>
> Bro 2.2
> Linux 3.2.0-61-generic
>
>
> ==== No reporter.log
>
> ==== No stderr.log
>
> ==== No stdout.log
>
> ==== No .cmdline
>
> ==== No .env_vars
>
> ==== No .status
>
> ==== No prof.log
>
> ==== No packet_filter.log
>
> ==== No loaded_scripts.log
> [essorgso-eth2-7]
>
> Bro 2.2
> Linux 3.2.0-61-generic
>
>
> ==== No reporter.log
>
> ==== No stderr.log
>
> ==== No stdout.log
>
> ==== No .cmdline
>
> ==== No .env_vars
>
> ==== No .status
>
> ==== No prof.log
>
> ==== No packet_filter.log
>
> ==== No loaded_scripts.log
> [essorgso-eth2-8]
>
> Bro 2.2
> Linux 3.2.0-61-generic
>
>
> ==== No reporter.log
>
> ==== No stderr.log
>
> ==== No stdout.log
>
> ==== No .cmdline
>
> ==== No .env_vars
>
> ==== No .status
>
> ==== No prof.log
>
> ==== No packet_filter.log
>
> ==== No loaded_scripts.log
> On May 19, 2014, at 5:43 PM, Siwek, Jonathan Luke 
> <jsiwek at illinois.edu> wrote:
>
>>
>> On May 19, 2014, at 5:58 PM, Damon Rouse <damonrouse at gmail.com> 
>> wrote:
>>
>>> The error is: manager terminated immediately after starting; check 
>>> output with "diag"
>>>
>>> Can you only have one redef statement in the local.bro file?  Or did 
>>> I make a mistake somewhere?
>>
>> More than one redef is fine.  After the failed start, if you do 
>> `broctl diag`, it may give more of a clue as to what’s wrong.  Can 
>> you share the output of that if you need more help interpreting the 
>> error?
>>
>> - Jon
>
> _______________________________________________
> Bro mailing list
> bro at bro-ids.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro




More information about the Bro mailing list