[Bro] Building OSQuery with Bro plugin
Neslog
neslog at gmail.com
Mon Aug 13 11:43:29 PDT 2018
I'm following the instructions provided by iBigQ here:
After getting osquery and osquery-plugin-bro downloaded below is what
happens.
make deps
completed successfully.
./tools/provision.sh install osquery/osquery-local/caf
CAF installs correctly.
This is where my problem began.
./tools/provision.sh install osquery/osquery-local/broker
When trying to build broker I get file not found for include
files. Here's an example of the output.
==> ./configure --prefix=/usr/local/osquery/Cellar/broker/0.6_4
--disable-python --disable-docs --enable-static-only --with-c
==> make
Last 15 lines from /home/jsa/.cache/Homebrew/Logs/broker/02.make:
subscriber_base(long max_qsize)
^
In file included from /tmp/broker-20180813-13959-67jn5z/src/endpoint.cc:26:
In file included from
/tmp/broker-20180813-13959-67jn5z/broker/detail/core_actor.hh:24:
/tmp/broker-20180813-13959-67jn5z/broker/detail/core_policy.hh:9:10:
fatal error: 'caf/broadcast_downstream_manager.hpp' file not found
#include <caf/broadcast_downstream_manager.hpp>
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2 warnings and 1 error generated.
Just looks like to me it's not able to find the relative reference for
the include files.
Anyone know the fix for it? Maybe a configure flag I can add to
include the correct dir or something?
Thanks!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20180813/f239dba3/attachment.html
More information about the Bro
mailing list