[Bro] Bro cluster requirements and manager logging backlog bug
Azoff, Justin S
jazoff at illinois.edu
Sat Jan 7 07:33:52 PST 2017
> On Jan 6, 2017, at 7:41 PM, Hovsep Levi <hovsep.sanjay.levi at gmail.com> wrote:
>
>
> When I configure 8 loggers only 3 loggers are working. (logger-3, logger-4, and logger-8). I restarted the cluster and this time 5 of the loggers are working. (2,3,4,6,8). Still looking into why this happens.
Running
broctl print Communication::nodes
May shed some light on that.
If it times out you can do
broctl print Communication::nodes logger-1
broctl print Communication::nodes logger-2
broctl print Communication::nodes worker-1-1
broctl print Communication::nodes worker-1-2
broctl print Communication::nodes worker-1-3
to display it from individual nodes.
You may also just want to try running tcpdump when the workers start up, you should see tcp connections to 10.1.1.1 on ports 47761 and 47762 from the worker nodes.
--
- Justin Azoff
More information about the Bro
mailing list