[Bro] Bro + pf_ring on a raspberry pi 3
Alex Kefallonitis
al.kefallonitis at gmail.com
Tue Feb 28 13:37:08 PST 2017
pi@raspberrypi:~/bro-test $ cat reporter.log
#separator \x09
#set_separator ,
#empty_field (empty)
#unset_field -
#path reporter
#open 2017-02-28-21-09-35
#fields ts level message location
#types time enum string string
1488316175.157715 Reporter::INFO received termination signal (empty)
1488316175.157715 Reporter::INFO 674 packets received on interface eth0, 0 dropped (empty)
#close 2017-02-28-21-09-35
2017-02-28 23:23 GMT+02:00 Azoff, Justin S <jazoff at illinois.edu>:
>
> > On Feb 28, 2017, at 4:17 PM, Alex Kefallonitis <al.kefallonitis at gmail.com> wrote:
> >
> > There are no errors and no capture_loss or drop packets, although base
> > bro plugins are enabled, bro sees only limited events:
> >
> > pi@raspberrypi:~/bro-test $ ls -la
> > total 28
> > drwxr-xr-x 3 pi pi 4096 Feb 28 21:03 .
> > drwxr-xr-x 12 pi pi 4096 Feb 28 20:55 ..
> > -rw-r--r-- 1 root root 699 Feb 28 21:03 conn.log
> > -rw-r--r-- 1 root root 253 Feb 28 21:03 packet_filter.log
> > -rw-r--r-- 1 root root 362 Feb 28 21:03 reporter.log
>
> The reporter.log contains errors.. what does it have in it?
>
> --
> - Justin Azoff
>
>