[Bro] no intel.log | critical-stack intel

Johanna Amann johanna at icir.org
Wed Aug 9 16:58:35 PDT 2017


I can't read their article because it needs a login. That being said -
assuming you follow steps similar to
https://www.bro.org/sphinx-git/frameworks/intel.html, especially the redef
Intel::read_files part, data should be read in by Bro and the intel.log
should get generated.

If it does not, check if you have a reporter.log that complains about
issues reading the file.

Johanna

On Wed, Jul 26, 2017 at 07:00:06AM +0000, Izik Birka wrote:
> Hi
> I installed the critical-stack agent
> I pulled the feeds and the master file was created successfully
> 
> But when I try to test it and connect to a forbidden address, I'm not getting the log in the intel.log like I should
> Actually there is no file "intel.log"
> 
> What am I missing?
> 
> I was following this article https://intel.criticalstack.com/client/0-4-x/usage
> 
> Izik Birka
> Information Security Coordinator, Information Systems
> Information Systems Division
> 077-7077790 | 053-6064571
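
One way to rule out a malformed feed file when intel.log never appears, as an added example that is not part of the original thread: a pre-flight check of the tab-separated format that Intel::read_files expects. The function name and the sample feed are constructed for illustration, and the list of indicator types is an assumption to adjust to your Bro version.

```python
REQUIRED = ("indicator", "indicator_type", "meta.source")
# Indicator types from Bro's Intel::Type enum (assumption: the exact set
# varies between Bro versions; trim or extend it to match yours).
KNOWN_TYPES = {
    "Intel::ADDR", "Intel::SUBNET", "Intel::URL", "Intel::SOFTWARE",
    "Intel::EMAIL", "Intel::DOMAIN", "Intel::USER_NAME",
    "Intel::CERT_HASH", "Intel::PUBKEY_HASH",
    "Intel::FILE_HASH", "Intel::FILE_NAME",
}


def check_intel_text(text):
    """Return (line_number, problem) tuples for the content of one intel file."""
    lines = text.splitlines()
    if not lines or not lines[0].startswith("#fields\t"):
        return [(1, "first line must be a tab-separated '#fields' header")]
    fields = lines[0].split("\t")[1:]
    missing = [name for name in REQUIRED if name not in fields]
    if missing:
        return [(1, "header lacks required column " + name) for name in missing]
    type_col = fields.index("indicator_type")
    problems = []
    for number, line in enumerate(lines[1:], start=2):
        if not line or line.startswith("#"):
            continue  # blank lines and comment lines carry no indicator
        values = line.split("\t")
        if len(values) < len(fields):
            problems.append((number, "expected %d tab-separated values, found %d"
                             % (len(fields), len(values))))
        elif values[type_col] not in KNOWN_TYPES:
            problems.append((number, "unknown indicator_type " + values[type_col]))
    return problems


# Constructed sample feed: line 3 uses spaces instead of tabs, line 4 a bad type.
SAMPLE = (
    "#fields\tindicator\tindicator_type\tmeta.source\n"
    "198.51.100.7\tIntel::ADDR\tconstructed-feed\n"
    "bad.example.com Intel::DOMAIN constructed-feed\n"
    "203.0.113.9\tIntel::IP\tconstructed-feed\n"
)

if __name__ == "__main__":
    for number, problem in check_intel_text(SAMPLE):
        print("line %d: %s" % (number, problem))
```

A file that passes this check can still fail to load for other reasons (wrong path, permissions), which is where reporter.log remains the authoritative place to look.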
