[Bro] Bro Digest, Vol 113, Issue 21
Davison, Charles Robert
cdaviso1 at vols.utk.edu
Tue Sep 15 06:54:07 PDT 2015
This was the status I received:
[BroControl] > status
Getting process status ...
Getting peer status ...
Name Type Host Status Pid Peers Started
manager manager 172.31.41.32 running 2405 0 15 Sep 13:43:53
proxy-1 proxy 172.31.41.32 running 2444 1 15 Sep 13:43:54
worker-1 worker 172.31.41.33 crashed
worker-2 worker 172.31.41.31 crashed
I also tried performing the following, but no matter what whenever I start i recieve the termination error.
broctl stop
> broctl cleanup --all
> broctl install
> broctl check
> broctl start
[BroControl] > start
manager still running
proxy-1 still running
starting worker-1 (was crashed) ...
starting worker-2 (was crashed) ...
worker-1 terminated immediately after starting; check output with "diag"
worker-2 terminated immediately after starting; check output with "diag"
CHARLES R. DAVISON
(865)730-0078
cdaviso1 at vols.utk.edu
________________________________________
From: bro-bounces at bro.org <bro-bounces at bro.org> on behalf of bro-request at bro.org <bro-request at bro.org>
Sent: Tuesday, September 15, 2015 7:41 AM
To: bro at bro.org
Subject: Bro Digest, Vol 113, Issue 21
Send Bro mailing list submissions to
bro at bro.org
To subscribe or unsubscribe via the World Wide Web, visit
http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro
or, via email, send a message with subject or body 'help' to
bro-request at bro.org
You can reach the person managing the list at
bro-owner at bro.org
When replying, please edit your Subject line so it is more specific
than "Re: Contents of Bro digest..."
Today's Topics:
1. Broctl Worker Issues (Davison, Charles Robert)
----------------------------------------------------------------------
Message: 1
Date: Tue, 15 Sep 2015 13:41:11 +0000
From: "Davison, Charles Robert" <cdaviso1 at vols.utk.edu>
Subject: [Bro] Broctl Worker Issues
To: "bro at bro.org" <bro at bro.org>
Message-ID:
<SN1PR0201MB15844318C9C6F64EE128BB4DB65C0 at SN1PR0201MB1584.namprd02.prod.outlook.com>
Content-Type: text/plain; charset="iso-8859-1"
When I try and start broctl on all my workers I receive the following:
ubuntu at ip-172-31-41-32:~$ /usr/local/bro/bin/broctl start
starting manager ...
starting proxy-1 ...
starting worker-1 ...
starting worker-2 ...
worker-1 terminated immediately after starting; check output with "diag"
worker-2 terminated immediately after starting; check output with "diag"
This was my output from the diag:
Bro 2.4.1
Linux 3.13.0-48-generic
No gdb installed.
==== reporter.log
#separator \x09
#set_separator ,
#empty_field (empty)
#unset_field -
#path reporter
#open 2015-09-15-13-38-43
#fields ts level message location
#types time enum string string
0.000000 Reporter::WARNING SumStat key request for the J1pRzdrrLK8 SumStat uid took longer than 1 minute and was automatically cancelled. /usr/local/bro/share/bro/base/frameworks/sumstats/./cluster.bro, line 218
==== stderr.log
==== stdout.log
max memory size (kbytes, -m) unlimited
data seg size (kbytes, -d) unlimited
virtual memory (kbytes, -v) unlimited
core file size (blocks, -c) unlimited
==== .cmdline
-U .status -p broctl -p broctl-live -p local -p manager local.bro broctl base/frameworks/cluster local-manager.bro broctl/auto
==== .env_vars
PATH=/usr/local/bro/bin:/usr/local/bro/share/broctl/scripts:/usr/local/bro/bin:/usr/local/bro/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games
BROPATH=/usr/local/bro/spool/installed-scripts-do-not-touch/site::/usr/local/bro/spool/installed-scripts-do-not-touch/auto:/usr/local/bro/share/bro:/usr/local/bro/share/bro/policy:/usr/local/bro/share/bro/site
CLUSTER_NODE=manager
==== .status
RUNNING [net_run]
==== No prof.log
==== No packet_filter.log
==== loaded_scripts.log
#separator \x09
#set_separator ,
#empty_field (empty)
#unset_field -
#path loaded_scripts
#open 2015-09-15-13-34-43
#fields name
#types string
/usr/local/bro/share/bro/base/init-bare.bro
/usr/local/bro/share/bro/base/bif/const.bif.bro
/usr/local/bro/share/bro/base/bif/types.bif.bro
/usr/local/bro/share/bro/base/bif/strings.bif.bro
/usr/local/bro/share/bro/base/bif/bro.bif.bro
/usr/local/bro/share/bro/base/bif/reporter.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_SNMP.types.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_KRB.types.bif.bro
/usr/local/bro/share/bro/base/bif/event.bif.bro
/usr/local/bro/share/bro/base/frameworks/broker/__load__.bro
/usr/local/bro/share/bro/base/frameworks/broker/main.bro
/usr/local/bro/share/bro/base/frameworks/logging/__load__.bro
/usr/local/bro/share/bro/base/frameworks/logging/main.bro
/usr/local/bro/share/bro/base/bif/logging.bif.bro
/usr/local/bro/share/bro/base/frameworks/logging/postprocessors/__load__.bro
/usr/local/bro/share/bro/base/frameworks/logging/postprocessors/scp.bro
/usr/local/bro/share/bro/base/frameworks/logging/postprocessors/sftp.bro
/usr/local/bro/share/bro/base/frameworks/logging/writers/ascii.bro
/usr/local/bro/share/bro/base/frameworks/logging/writers/sqlite.bro
/usr/local/bro/share/bro/base/frameworks/logging/writers/none.bro
/usr/local/bro/share/bro/base/frameworks/input/__load__.bro
/usr/local/bro/share/bro/base/frameworks/input/main.bro
/usr/local/bro/share/bro/base/bif/input.bif.bro
/usr/local/bro/share/bro/base/frameworks/input/readers/ascii.bro
/usr/local/bro/share/bro/base/frameworks/input/readers/raw.bro
/usr/local/bro/share/bro/base/frameworks/input/readers/benchmark.bro
/usr/local/bro/share/bro/base/frameworks/input/readers/binary.bro
/usr/local/bro/share/bro/base/frameworks/input/readers/sqlite.bro
/usr/local/bro/share/bro/base/frameworks/analyzer/__load__.bro
/usr/local/bro/share/bro/base/frameworks/analyzer/main.bro
/usr/local/bro/share/bro/base/frameworks/packet-filter/utils.bro
/usr/local/bro/share/bro/base/bif/analyzer.bif.bro
/usr/local/bro/share/bro/base/frameworks/files/__load__.bro
/usr/local/bro/share/bro/base/frameworks/files/main.bro
/usr/local/bro/share/bro/base/bif/file_analysis.bif.bro
/usr/local/bro/share/bro/base/utils/site.bro
/usr/local/bro/share/bro/base/utils/patterns.bro
/usr/local/bro/share/bro/base/frameworks/files/magic/__load__.bro
/usr/local/bro/share/bro/base/bif/__load__.bro
/usr/local/bro/share/bro/base/bif/broxygen.bif.bro
/usr/local/bro/share/bro/base/bif/pcap.bif.bro
/usr/local/bro/share/bro/base/bif/bloom-filter.bif.bro
/usr/local/bro/share/bro/base/bif/cardinality-counter.bif.bro
/usr/local/bro/share/bro/base/bif/top-k.bif.bro
/usr/local/bro/share/bro/base/bif/comm.bif.bro
/usr/local/bro/share/bro/base/bif/data.bif.bro
/usr/local/bro/share/bro/base/bif/messaging.bif.bro
/usr/local/bro/share/bro/base/bif/store.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/__load__.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_ARP.events.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_AYIYA.events.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_BackDoor.events.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_BitTorrent.events.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_ConnSize.events.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_ConnSize.functions.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_DCE_RPC.events.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_DHCP.events.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_DNP3.events.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_DNS.events.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_File.events.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_Finger.events.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_FTP.events.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_FTP.functions.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_Gnutella.events.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_GTPv1.events.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_HTTP.events.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_HTTP.functions.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_ICMP.events.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_Ident.events.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_InterConn.events.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_IRC.events.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_KRB.events.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_Login.events.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_Login.functions.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_MIME.events.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_Modbus.events.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_MySQL.events.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_NCP.events.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_NetBIOS.events.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_NetBIOS.functions.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_NTP.events.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_PIA.events.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_POP3.events.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_RADIUS.events.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_RDP.events.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_RDP.types.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_RPC.events.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_SIP.events.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_SNMP.events.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_SMB.events.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_SMTP.events.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_SMTP.functions.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_SOCKS.events.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_SSH.types.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_SSH.events.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_SSL.events.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_SteppingStone.events.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_Syslog.events.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_TCP.events.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_TCP.functions.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_Teredo.events.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_UDP.events.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_ZIP.events.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_FileExtract.events.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_FileExtract.functions.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_FileHash.events.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_PE.events.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_Unified2.events.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_Unified2.types.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_X509.events.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_X509.types.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_X509.functions.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_AsciiReader.ascii.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_BenchmarkReader.benchmark.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_BinaryReader.binary.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_RawReader.raw.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_SQLiteReader.sqlite.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_AsciiWriter.ascii.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_NoneWriter.none.bif.bro
/usr/local/bro/share/bro/base/bif/plugins/Bro_SQLiteWriter.sqlite.bif.bro
/usr/local/bro/share/bro/base/init-default.bro
/usr/local/bro/share/bro/base/utils/active-http.bro
/usr/local/bro/share/bro/base/utils/exec.bro
/usr/local/bro/share/bro/base/utils/addrs.bro
/usr/local/bro/share/bro/base/utils/conn-ids.bro
/usr/local/bro/share/bro/base/utils/dir.bro
/usr/local/bro/share/bro/base/frameworks/reporter/__load__.bro
/usr/local/bro/share/bro/base/frameworks/reporter/main.bro
/usr/local/bro/share/bro/base/utils/paths.bro
/usr/local/bro/share/bro/base/utils/directions-and-hosts.bro
/usr/local/bro/share/bro/base/utils/files.bro
/usr/local/bro/share/bro/base/utils/numbers.bro
/usr/local/bro/share/bro/base/utils/queue.bro
/usr/local/bro/share/bro/base/utils/strings.bro
/usr/local/bro/share/bro/base/utils/thresholds.bro
/usr/local/bro/share/bro/base/utils/time.bro
/usr/local/bro/share/bro/base/utils/urls.bro
/usr/local/bro/share/bro/base/frameworks/notice/__load__.bro
/usr/local/bro/share/bro/base/frameworks/notice/main.bro
/usr/local/bro/share/bro/base/frameworks/notice/weird.bro
/usr/local/bro/share/bro/base/frameworks/notice/actions/drop.bro
/usr/local/bro/share/bro/base/frameworks/notice/actions/email_admin.bro
/usr/local/bro/share/bro/base/frameworks/notice/actions/page.bro
/usr/local/bro/share/bro/base/frameworks/notice/actions/add-geodata.bro
/usr/local/bro/share/bro/base/frameworks/notice/extend-email/hostnames.bro
/usr/local/bro/share/bro/base/frameworks/cluster/__load__.bro
/usr/local/bro/share/bro/base/frameworks/cluster/main.bro
/usr/local/bro/share/bro/base/frameworks/control/__load__.bro
/usr/local/bro/share/bro/base/frameworks/control/main.bro
/usr/local/bro/spool/installed-scripts-do-not-touch/auto/cluster-layout.bro
/usr/local/bro/share/bro/base/frameworks/cluster/setup-connections.bro
/usr/local/bro/share/bro/base/frameworks/communication/__load__.bro
/usr/local/bro/share/bro/base/frameworks/communication/main.bro
/usr/local/bro/share/bro/base/frameworks/packet-filter/__load__.bro
/usr/local/bro/share/bro/base/frameworks/packet-filter/main.bro
/usr/local/bro/share/bro/base/frameworks/packet-filter/netstats.bro
/usr/local/bro/share/bro/base/frameworks/packet-filter/cluster.bro
/usr/local/bro/share/bro/policy/frameworks/communication/listen.bro
/usr/local/bro/share/bro/base/frameworks/cluster/nodes/manager.bro
/usr/local/bro/share/bro/base/frameworks/notice/cluster.bro
/usr/local/bro/share/bro/base/frameworks/notice/actions/pp-alarms.bro
/usr/local/bro/share/bro/base/frameworks/dpd/__load__.bro
/usr/local/bro/share/bro/base/frameworks/dpd/main.bro
/usr/local/bro/share/bro/base/frameworks/signatures/__load__.bro
/usr/local/bro/share/bro/base/frameworks/signatures/main.bro
/usr/local/bro/share/bro/base/frameworks/software/__load__.bro
/usr/local/bro/share/bro/base/frameworks/software/main.bro
/usr/local/bro/share/bro/base/frameworks/intel/__load__.bro
/usr/local/bro/share/bro/base/frameworks/intel/main.bro
/usr/local/bro/share/bro/base/frameworks/intel/cluster.bro
/usr/local/bro/share/bro/base/frameworks/intel/input.bro
/usr/local/bro/share/bro/base/frameworks/sumstats/__load__.bro
/usr/local/bro/share/bro/base/frameworks/sumstats/main.bro
/usr/local/bro/share/bro/base/frameworks/sumstats/plugins/__load__.bro
/usr/local/bro/share/bro/base/frameworks/sumstats/plugins/average.bro
/usr/local/bro/share/bro/base/frameworks/sumstats/plugins/hll_unique.bro
/usr/local/bro/share/bro/base/frameworks/sumstats/plugins/last.bro
/usr/local/bro/share/bro/base/frameworks/sumstats/plugins/max.bro
/usr/local/bro/share/bro/base/frameworks/sumstats/plugins/min.bro
/usr/local/bro/share/bro/base/frameworks/sumstats/plugins/sample.bro
/usr/local/bro/share/bro/base/frameworks/sumstats/plugins/std-dev.bro
/usr/local/bro/share/bro/base/frameworks/sumstats/plugins/variance.bro
/usr/local/bro/share/bro/base/frameworks/sumstats/plugins/sum.bro
/usr/local/bro/share/bro/base/frameworks/sumstats/plugins/topk.bro
/usr/local/bro/share/bro/base/frameworks/sumstats/plugins/unique.bro
/usr/local/bro/share/bro/base/frameworks/sumstats/cluster.bro
/usr/local/bro/share/bro/base/frameworks/tunnels/__load__.bro
/usr/local/bro/share/bro/base/frameworks/tunnels/main.bro
/usr/local/bro/share/bro/base/protocols/conn/__load__.bro
/usr/local/bro/share/bro/base/protocols/conn/main.bro
/usr/local/bro/share/bro/base/protocols/conn/contents.bro
/usr/local/bro/share/bro/base/protocols/conn/inactivity.bro
/usr/local/bro/share/bro/base/protocols/conn/polling.bro
/usr/local/bro/share/bro/base/protocols/conn/thresholds.bro
/usr/local/bro/share/bro/base/protocols/dhcp/__load__.bro
/usr/local/bro/share/bro/base/protocols/dhcp/consts.bro
/usr/local/bro/share/bro/base/protocols/dhcp/main.bro
/usr/local/bro/share/bro/base/protocols/dhcp/utils.bro
/usr/local/bro/share/bro/base/protocols/dnp3/__load__.bro
/usr/local/bro/share/bro/base/protocols/dnp3/main.bro
/usr/local/bro/share/bro/base/protocols/dnp3/consts.bro
/usr/local/bro/share/bro/base/protocols/dns/__load__.bro
/usr/local/bro/share/bro/base/protocols/dns/consts.bro
/usr/local/bro/share/bro/base/protocols/dns/main.bro
/usr/local/bro/share/bro/base/protocols/ftp/__load__.bro
/usr/local/bro/share/bro/base/protocols/ftp/utils-commands.bro
/usr/local/bro/share/bro/base/protocols/ftp/info.bro
/usr/local/bro/share/bro/base/protocols/ftp/main.bro
/usr/local/bro/share/bro/base/protocols/ftp/utils.bro
/usr/local/bro/share/bro/base/protocols/ftp/files.bro
/usr/local/bro/share/bro/base/protocols/ftp/gridftp.bro
/usr/local/bro/share/bro/base/protocols/ssl/__load__.bro
/usr/local/bro/share/bro/base/protocols/ssl/consts.bro
/usr/local/bro/share/bro/base/protocols/ssl/main.bro
/usr/local/bro/share/bro/base/protocols/ssl/mozilla-ca-list.bro
/usr/local/bro/share/bro/base/protocols/ssl/files.bro
/usr/local/bro/share/bro/base/files/x509/__load__.bro
/usr/local/bro/share/bro/base/files/x509/main.bro
/usr/local/bro/share/bro/base/files/hash/__load__.bro
/usr/local/bro/share/bro/base/files/hash/main.bro
/usr/local/bro/share/bro/base/protocols/http/__load__.bro
/usr/local/bro/share/bro/base/protocols/http/main.bro
/usr/local/bro/share/bro/base/protocols/http/entities.bro
/usr/local/bro/share/bro/base/protocols/http/utils.bro
/usr/local/bro/share/bro/base/protocols/http/files.bro
/usr/local/bro/share/bro/base/protocols/irc/__load__.bro
/usr/local/bro/share/bro/base/protocols/irc/main.bro
/usr/local/bro/share/bro/base/protocols/irc/dcc-send.bro
/usr/local/bro/share/bro/base/protocols/irc/files.bro
/usr/local/bro/share/bro/base/protocols/krb/__load__.bro
/usr/local/bro/share/bro/base/protocols/krb/main.bro
/usr/local/bro/share/bro/base/protocols/krb/consts.bro
/usr/local/bro/share/bro/base/protocols/krb/files.bro
/usr/local/bro/share/bro/base/protocols/modbus/__load__.bro
/usr/local/bro/share/bro/base/protocols/modbus/consts.bro
/usr/local/bro/share/bro/base/protocols/modbus/main.bro
/usr/local/bro/share/bro/base/protocols/mysql/__load__.bro
/usr/local/bro/share/bro/base/protocols/mysql/main.bro
/usr/local/bro/share/bro/base/protocols/mysql/consts.bro
/usr/local/bro/share/bro/base/protocols/pop3/__load__.bro
/usr/local/bro/share/bro/base/protocols/radius/__load__.bro
/usr/local/bro/share/bro/base/protocols/radius/main.bro
/usr/local/bro/share/bro/base/protocols/radius/consts.bro
/usr/local/bro/share/bro/base/protocols/rdp/__load__.bro
/usr/local/bro/share/bro/base/protocols/rdp/consts.bro
/usr/local/bro/share/bro/base/protocols/rdp/main.bro
/usr/local/bro/share/bro/base/protocols/sip/__load__.bro
/usr/local/bro/share/bro/base/protocols/sip/main.bro
/usr/local/bro/share/bro/base/protocols/snmp/__load__.bro
/usr/local/bro/share/bro/base/protocols/snmp/main.bro
/usr/local/bro/share/bro/base/protocols/smtp/__load__.bro
/usr/local/bro/share/bro/base/protocols/smtp/main.bro
/usr/local/bro/share/bro/base/protocols/smtp/entities.bro
/usr/local/bro/share/bro/base/protocols/smtp/files.bro
/usr/local/bro/share/bro/base/protocols/socks/__load__.bro
/usr/local/bro/share/bro/base/protocols/socks/consts.bro
/usr/local/bro/share/bro/base/protocols/socks/main.bro
/usr/local/bro/share/bro/base/protocols/ssh/__load__.bro
/usr/local/bro/share/bro/base/protocols/ssh/main.bro
/usr/local/bro/share/bro/base/protocols/syslog/__load__.bro
/usr/local/bro/share/bro/base/protocols/syslog/consts.bro
/usr/local/bro/share/bro/base/protocols/syslog/main.bro
/usr/local/bro/share/bro/base/protocols/tunnels/__load__.bro
/usr/local/bro/share/bro/base/files/pe/__load__.bro
/usr/local/bro/share/bro/base/files/pe/consts.bro
/usr/local/bro/share/bro/base/files/pe/main.bro
/usr/local/bro/share/bro/base/files/extract/__load__.bro
/usr/local/bro/share/bro/base/files/extract/main.bro
/usr/local/bro/share/bro/base/files/unified2/__load__.bro
/usr/local/bro/share/bro/base/files/unified2/main.bro
/usr/local/bro/share/bro/base/misc/find-checksum-offloading.bro
/usr/local/bro/share/bro/base/misc/find-filtered-trace.bro
/usr/local/bro/spool/installed-scripts-do-not-touch/site/local.bro
/usr/local/bro/share/bro/policy/misc/loaded-scripts.bro
/usr/local/bro/share/bro/policy/tuning/defaults/__load__.bro
/usr/local/bro/share/bro/policy/tuning/defaults/packet-fragments.bro
/usr/local/bro/share/bro/policy/tuning/defaults/warnings.bro
/usr/local/bro/share/bro/policy/tuning/defaults/extracted_file_limits.bro
/usr/local/bro/share/bro/policy/misc/scan.bro
/usr/local/bro/share/bro/policy/misc/app-stats/__load__.bro
/usr/local/bro/share/bro/policy/misc/app-stats/main.bro
/usr/local/bro/share/bro/policy/misc/app-stats/plugins/__load__.bro
/usr/local/bro/share/bro/policy/misc/app-stats/plugins/facebook.bro
/usr/local/bro/share/bro/policy/misc/detect-traceroute/__load__.bro
/usr/local/bro/share/bro/policy/misc/detect-traceroute/main.bro
/usr/local/bro/share/bro/policy/frameworks/software/vulnerable.bro
/usr/local/bro/share/bro/policy/frameworks/software/version-changes.bro
/usr/local/bro/share/bro/policy/protocols/ftp/software.bro
/usr/local/bro/share/bro/policy/protocols/smtp/software.bro
/usr/local/bro/share/bro/policy/protocols/ssh/software.bro
/usr/local/bro/share/bro/policy/protocols/http/software.bro
/usr/local/bro/share/bro/policy/protocols/dns/detect-external-names.bro
/usr/local/bro/share/bro/policy/protocols/ftp/detect.bro
/usr/local/bro/share/bro/policy/protocols/conn/known-hosts.bro
/usr/local/bro/share/bro/policy/protocols/conn/known-services.bro
/usr/local/bro/share/bro/policy/protocols/ssl/known-certs.bro
/usr/local/bro/share/bro/policy/protocols/ssl/validate-certs.bro
/usr/local/bro/share/bro/policy/protocols/ssl/log-hostcerts-only.bro
/usr/local/bro/share/bro/policy/protocols/ssh/geo-data.bro
/usr/local/bro/share/bro/policy/protocols/ssh/detect-bruteforcing.bro
/usr/local/bro/share/bro/policy/protocols/ssh/interesting-hostnames.bro
/usr/local/bro/share/bro/policy/protocols/http/detect-sqli.bro
/usr/local/bro/share/bro/policy/frameworks/files/hash-all-files.bro
/usr/local/bro/share/bro/policy/frameworks/files/detect-MHR.bro
/usr/local/bro/share/bro/broctl/__load__.bro
/usr/local/bro/share/bro/broctl/main.bro
/usr/local/bro/share/bro/policy/frameworks/control/controllee.bro
/usr/local/bro/spool/installed-scripts-do-not-touch/site/local-manager.bro
/usr/local/bro/share/bro/broctl/auto.bro
/usr/local/bro/spool/installed-scripts-do-not-touch/auto/local-networks.bro
/usr/local/bro/spool/installed-scripts-do-not-touch/auto/broctl-config.bro
[proxy-1]
Bro 2.4.1
Linux 3.13.0-48-generic
No gdb installed.
==== No reporter.log
==== stderr.log
==== stdout.log
max memory size (kbytes, -m) unlimited
data seg size (kbytes, -d) unlimited
virtual memory (kbytes, -v) unlimited
core file size (blocks, -c) unlimited
==== .cmdline
-U .status -p broctl -p broctl-live -p local -p proxy-1 local.bro broctl base/frameworks/cluster local-proxy broctl/auto
==== .env_vars
PATH=/usr/local/bro/bin:/usr/local/bro/share/broctl/scripts:/usr/local/bro/bin:/usr/local/bro/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games
BROPATH=/usr/local/bro/spool/installed-scripts-do-not-touch/site::/usr/local/bro/spool/installed-scripts-do-not-touch/auto:/usr/local/bro/share/bro:/usr/local/bro/share/bro/policy:/usr/local/bro/share/bro/site
CLUSTER_NODE=proxy-1
==== .status
RUNNING [net_run]
==== No prof.log
==== No packet_filter.log
==== No loaded_scripts.log
[worker-1]
error running crash-diag for worker-1
Host 172.31.41.33 is not alive
[worker-2]
error running crash-diag for worker-2
Host 172.31.41.31 is not alive
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20150915/819f49ea/attachment.html
------------------------------
_______________________________________________
Bro mailing list
Bro at bro.org
http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro
End of Bro Digest, Vol 113, Issue 21
************************************
More information about the Bro
mailing list