[Bro] Notifications from Local.bro
Bernhard Amann
bernhard at ICSI.Berkeley.EDU
Mon May 19 22:57:25 PDT 2014
HTTP::Incorrect_File_Type was removed with an overhaul of the files
framework even before 2.2, if I read the git commit log correctly. So -
you probably just want to remove that one from your script.
Bernhard
On 19 May 2014, at 22:39, Damon Rouse wrote:
> Here’s the output of the diag after I uncommented redef and
> restarted BRO. Not sure why it’s saying the
> HTTP::Incorrect_File_Type is an unknown identifier. Thanks for your
> help
>
> Damon
>
> sudo broctl diag
> waiting for lock ..... ok
> [manager]
>
> Bro 2.2
> Linux 3.2.0-61-generic
>
>
> ==== No reporter.log
>
> ==== stderr.log
> error in /nsm/bro/spool/installed-scripts-do-not-touch/site/local.bro,
> line 99: unknown identifier HTTP::Incorrect_File_Type, at or near
> "HTTP::Incorrect_File_Type"
>
> ==== stdout.log
> unlimited
> unlimited
> unlimited
>
> ==== .cmdline
> -U .status -p broctl -p broctl-live -p local -p manager local.bro
> broctl base/frameworks/cluster local-manager.bro broctl/auto
>
> ==== .env_vars
> PATH=/opt/bro/bin:/opt/bro/share/broctl/scripts:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
> BROPATH=/nsm/bro/spool/installed-scripts-do-not-touch/site::/nsm/bro/spool/installed-scripts-do-not-touch/auto:/opt/bro/share/bro:/opt/bro/share/bro/policy:/opt/bro/share/bro/site
> CLUSTER_NODE=manager
>
> ==== .status
> TERMINATED [atexit]
>
> ==== No prof.log
>
> ==== No packet_filter.log
>
> ==== No loaded_scripts.log
> [proxy]
>
> Bro 2.2
> Linux 3.2.0-61-generic
>
>
> ==== No reporter.log
>
> ==== No stderr.log
>
> ==== No stdout.log
>
> ==== No .cmdline
>
> ==== No .env_vars
>
> ==== No .status
>
> ==== No prof.log
>
> ==== No packet_filter.log
>
> ==== No loaded_scripts.log
> [essorgso-eth1-1]
>
> Bro 2.2
> Linux 3.2.0-61-generic
>
>
> ==== No reporter.log
>
> ==== No stderr.log
>
> ==== No stdout.log
>
> ==== No .cmdline
>
> ==== No .env_vars
>
> ==== No .status
>
> ==== No prof.log
>
> ==== No packet_filter.log
>
> ==== No loaded_scripts.log
> [essorgso-eth1-2]
>
> Bro 2.2
> Linux 3.2.0-61-generic
>
>
> ==== No reporter.log
>
> ==== No stderr.log
>
> ==== No stdout.log
>
> ==== No .cmdline
>
> ==== No .env_vars
>
> ==== No .status
>
> ==== No prof.log
>
> ==== No packet_filter.log
>
> ==== No loaded_scripts.log
> [essorgso-eth1-3]
>
> Bro 2.2
> Linux 3.2.0-61-generic
>
>
> ==== No reporter.log
>
> ==== No stderr.log
>
> ==== No stdout.log
>
> ==== No .cmdline
>
> ==== No .env_vars
>
> ==== No .status
>
> ==== No prof.log
>
> ==== No packet_filter.log
>
> ==== No loaded_scripts.log
> [essorgso-eth1-4]
>
> Bro 2.2
> Linux 3.2.0-61-generic
>
>
> ==== No reporter.log
>
> ==== No stderr.log
>
> ==== No stdout.log
>
> ==== No .cmdline
>
> ==== No .env_vars
>
> ==== No .status
>
> ==== No prof.log
>
> ==== No packet_filter.log
>
> ==== No loaded_scripts.log
> [essorgso-eth1-5]
>
> Bro 2.2
> Linux 3.2.0-61-generic
>
>
> ==== No reporter.log
>
> ==== No stderr.log
>
> ==== No stdout.log
>
> ==== No .cmdline
>
> ==== No .env_vars
>
> ==== No .status
>
> ==== No prof.log
>
> ==== No packet_filter.log
>
> ==== No loaded_scripts.log
> [essorgso-eth1-6]
>
> Bro 2.2
> Linux 3.2.0-61-generic
>
>
> ==== No reporter.log
>
> ==== No stderr.log
>
> ==== No stdout.log
>
> ==== No .cmdline
>
> ==== No .env_vars
>
> ==== No .status
>
> ==== No prof.log
>
> ==== No packet_filter.log
>
> ==== No loaded_scripts.log
> [essorgso-eth1-7]
>
> Bro 2.2
> Linux 3.2.0-61-generic
>
>
> ==== No reporter.log
>
> ==== No stderr.log
>
> ==== No stdout.log
>
> ==== No .cmdline
>
> ==== No .env_vars
>
> ==== No .status
>
> ==== No prof.log
>
> ==== No packet_filter.log
>
> ==== No loaded_scripts.log
> [essorgso-eth1-8]
>
> Bro 2.2
> Linux 3.2.0-61-generic
>
>
> ==== No reporter.log
>
> ==== No stderr.log
>
> ==== No stdout.log
>
> ==== No .cmdline
>
> ==== No .env_vars
>
> ==== No .status
>
> ==== No prof.log
>
> ==== No packet_filter.log
>
> ==== No loaded_scripts.log
> [essorgso-eth2-1]
>
> Bro 2.2
> Linux 3.2.0-61-generic
>
>
> ==== No reporter.log
>
> ==== No stderr.log
>
> ==== No stdout.log
>
> ==== No .cmdline
>
> ==== No .env_vars
>
> ==== No .status
>
> ==== No prof.log
>
> ==== No packet_filter.log
>
> ==== No loaded_scripts.log
> [essorgso-eth2-2]
>
> Bro 2.2
> Linux 3.2.0-61-generic
>
>
> ==== No reporter.log
>
> ==== No stderr.log
>
> ==== No stdout.log
>
> ==== No .cmdline
>
> ==== No .env_vars
>
> ==== No .status
>
> ==== No prof.log
>
> ==== No packet_filter.log
>
> ==== No loaded_scripts.log
> [essorgso-eth2-3]
>
> Bro 2.2
> Linux 3.2.0-61-generic
>
>
> ==== No reporter.log
>
> ==== No stderr.log
>
> ==== No stdout.log
>
> ==== No .cmdline
>
> ==== No .env_vars
>
> ==== No .status
>
> ==== No prof.log
>
> ==== No packet_filter.log
>
> ==== No loaded_scripts.log
> [essorgso-eth2-4]
>
> Bro 2.2
> Linux 3.2.0-61-generic
>
>
> ==== No reporter.log
>
> ==== No stderr.log
>
> ==== No stdout.log
>
> ==== No .cmdline
>
> ==== No .env_vars
>
> ==== No .status
>
> ==== No prof.log
>
> ==== No packet_filter.log
>
> ==== No loaded_scripts.log
> [essorgso-eth2-5]
>
> Bro 2.2
> Linux 3.2.0-61-generic
>
>
> ==== No reporter.log
>
> ==== No stderr.log
>
> ==== No stdout.log
>
> ==== No .cmdline
>
> ==== No .env_vars
>
> ==== No .status
>
> ==== No prof.log
>
> ==== No packet_filter.log
>
> ==== No loaded_scripts.log
> [essorgso-eth2-6]
>
> Bro 2.2
> Linux 3.2.0-61-generic
>
>
> ==== No reporter.log
>
> ==== No stderr.log
>
> ==== No stdout.log
>
> ==== No .cmdline
>
> ==== No .env_vars
>
> ==== No .status
>
> ==== No prof.log
>
> ==== No packet_filter.log
>
> ==== No loaded_scripts.log
> [essorgso-eth2-7]
>
> Bro 2.2
> Linux 3.2.0-61-generic
>
>
> ==== No reporter.log
>
> ==== No stderr.log
>
> ==== No stdout.log
>
> ==== No .cmdline
>
> ==== No .env_vars
>
> ==== No .status
>
> ==== No prof.log
>
> ==== No packet_filter.log
>
> ==== No loaded_scripts.log
> [essorgso-eth2-8]
>
> Bro 2.2
> Linux 3.2.0-61-generic
>
>
> ==== No reporter.log
>
> ==== No stderr.log
>
> ==== No stdout.log
>
> ==== No .cmdline
>
> ==== No .env_vars
>
> ==== No .status
>
> ==== No prof.log
>
> ==== No packet_filter.log
>
> ==== No loaded_scripts.log
> On May 19, 2014, at 5:43 PM, Siwek, Jonathan Luke
> <jsiwek at illinois.edu> wrote:
>
>>
>> On May 19, 2014, at 5:58 PM, Damon Rouse <damonrouse at gmail.com>
>> wrote:
>>
>>> The error is: manager terminated immediately after starting; check
>>> output with "diag"
>>>
>>> Can you only have one redef statement in the local.bro file? Or did
>>> I make a mistake somewhere?
>>
>> More than one redef is fine. After the failed start, if you do
>> `broctl diag`, it may give more of a clue as to what’s wrong. Can
>> you share the output of that if you need more help interpreting the
>> error?
>>
>> - Jon
>
> _______________________________________________
> Bro mailing list
> bro at bro-ids.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro
More information about the Bro
mailing list