[Bro] Question about Broker
Vito Logrillo
vitologrillo at gmail.com
Mon May 11 08:57:48 PDT 2015
Hi Jon,
thanks for your reply.
My final goal is the bro's log transmission from a node to a server: i
think that Broker can be useful to my application, so i've tried to
use the example code to understand better how it works.
If i want to emulate a broker listener, which application can be used?
Thanks,
Vito
2015-05-11 17:41 GMT+02:00 Siwek, Jon <jsiwek at illinois.edu>:
>
>> On May 11, 2015, at 3:07 AM, Vito Logrillo <vitologrillo at gmail.com> wrote:
>>
>> 4. I've configured the listener with netcat -l 9999
>> 5. netstat -ant on my bro machine
>>
>> The last command shows an established connection between the bro
>> machine and the listener, but there's no data exchange.
>
> That seems ok to me: the TCP connection gets established, but a plain netcat listener doesn’t have any concept of broker data/messages/connection-handshake to be able to communicate in a meaningful way. Are you just doing this to troubleshoot some other connection problems? What are you expecting or trying to do?
>
> - Jon
More information about the Bro
mailing list