[Bro] - http$host diff between bro and broctl
william de ping
bill.de.ping at gmail.com
Wed Jun 21 09:29:56 PDT 2017
Hi all,
Scenario 1 : bro instance on my local interface + browsing to www.bbc.com
Scenario 2 : bro cluster with a single Worker on my local interface +
browsing to www.cnn.com
in http.log,
on the 1st scenario, the host field is initialized with www.bbc.com
on the 2nd scenario, the host field is NOT initialized
I'm running bro 2.5
Is there any explanation for the diff ?
thank you
B
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20170621/7973e635/attachment.html
More information about the Bro
mailing list