[Bro] Warning of "did not find requested field indicator" from intelligence data file
Jan Grashöfer
jan.grashoefer at gmail.com
Tue Aug 28 02:01:42 PDT 2018
On 27/08/18 10:10, wangdj at ffcs.cn wrote:> when i run this script with
command "./bro -i eth3 mytest" on a shell terminal and run "ping
14.215.177.39" command on another shell terminal, i got the following
warning and :
> warning: ./myintel.txt/Input::READER_ASCII: Did not find requested field indicator in input data file ./myintel.txt.
Keep in mind that the header has to be tab-separated. Furthermore, the
default seen scripts report only IPs of established TCP connections (see
https://github.com/bro/bro/blob/master/scripts/policy/frameworks/intel/seen/conn-established.bro).
Jan
More information about the Bro
mailing list