[Bro] Lot of weird log entries like DNS_RR_unknown_type

C.L. Martinez carlopmart at gmail.com
Mon May 4 04:19:57 PDT 2015


Hi all,

  Over the last few days, I have been seeing a lot of weird errors like:

#separator \x09
#set_separator	,
#empty_field	(empty)
#unset_field	-
#path	weird
#open	2015-05-04-11-04-42
#fields	ts	uid	id.orig_h	id.orig_p	id.resp_h	id.resp_p	name	addl	notice	peer
#types	time	string	addr	port	addr	port	string	string	bool	string
1430737482.215330	CYHJwf46bhQTDkaZV9	172.22.55.1	22237	172.22.55.6	53	DNS_RR_unknown_type	-	F	bro
1430737483.223168	CIpEYq3OXvMER15dG1	172.22.55.1	58971	172.22.55.6	53	DNS_RR_unknown_type	-	F	bro

172.22.55.1 is our internal DNS server, and recursive queries work OK.
So why these weird log entries?

Bro 2.3.2 installed under Debian 7 host (fully updated)

Thanks.

