[Bro] cluster VS single instance - different results
william de ping
bill.de.ping at gmail.com
Sun Jul 23 06:19:44 PDT 2017
Hi all,
I know issues related to this exists out there, but I havent manage to fix
it yet..
The issue is that a single bro instance produces relevant logs upon
listening to interface eth0.
Yet broctl configured with a single worker that is listening to the same
interface, running the same scripts, fail to produce relevant log files.
I tried setting ignore_checksum = T and I have tried to run bro worker the
way broctl runs it.
Can anyone think of an explanation for this issue ?
Both single instance and single worker have the same additional scripts..
Thanks alot
B
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20170723/18d62b5c/attachment.html
More information about the Bro
mailing list