[Bro] Bro Cluster Documentation Error

Daniel Thayer dnthayer at illinois.edu
Mon Sep 14 13:17:59 PDT 2015 

When you check if you can ssh to the other machines in your cluster,
you need to make sure you're running ssh as the same user that
you're running broctl.

Also, what did you specify for the "host=" entries in your node.cfg?



On 09/14/2015 02:56 PM, Davison, Charles Robert wrote:
> I assume attachments don't work... here is the test output:
>
>
> root at ip-172-31-41-32:/home/ubuntu# export PATH=/usr/local/bro/bin:$PATH
>
> root at ip-172-31-41-32:/home/ubuntu# broctl
>
> Warning: broctl node config has changed (run the broctl "deploy" command)
>
> Warning: Bro node "bro" possibly still running on host "localhost" (PID
> 16564)
>
>
> Welcome to BroControl 1.4
>
>
> Type "help" for help.
>
>
> [BroControl] > install
>
> removing old policies in
> /usr/local/bro/spool/installed-scripts-do-not-touch/sit
>                                                              e ...
>
> removing old policies in
> /usr/local/bro/spool/installed-scripts-do-not-touch/aut
>                                                              o ...
>
> creating policy directories ...
>
> installing site policies ...
>
> generating cluster-layout.bro ...
>
> generating local-networks.bro ...
>
> generating broctl-config.bro ...
>
> generating broctl-config.sh ...
>
> updating nodes ...
>
> Host key verification failed.
>
> Host key verification failed.
>
> Error: cannot create (some of the) directories
> /usr/local/bro,/usr/local/bro/log
>
> s,/usr/local/bro/spool,/usr/local/bro/spool/tmp on node worker-1
>
> [BroControl] > Host key verification failed.
>
> Host key verification failed.
>
> Host key verification failed.
>
> Host key verification failed.
>
>
>
> Thank you,
>
> Charles
>
>
> ------------------------------------------------------------------------
> *From:* Davison, Charles Robert
> *Sent:* Monday, September 14, 2015 1:41 PM
> *To:* bro at bro.org
> *Subject:* Bro Cluster Documentation Error
>
>
> Good Afternoon,
>
>
> I am trying to make documentation for installing a bro cluster
> configuration, and receive the attached error when trying to install via
> broctl. I can log into both of my worker nodes from the bro manager via
> ssh fine, and without a password...
>
>
> Thank you,
>
> Charles
>
>
>
>
> _______________________________________________
> Bro mailing list
> bro at bro-ids.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro
>

More information about the Bro mailing list