[Bro] Critical Stack intel feeds and cluster question
Liam Randall
liam.randall at gmail.com
Tue Jan 30 08:47:45 PST 2018
It should work just fine on a cluster; just install it on the manager. The
intel framework itself checks to see if it's running on a cluster and then
distributes the intel accordingly.
https://github.com/bro/bro/blob/master/scripts/base/frameworks/intel/input.bro
Liam
On Tue, Jan 30, 2018 at 10:50 AM, Shane Mullins <shanem at vt.edu> wrote:
> Good morning everyone,
>
> Does anyone use the Critical Stack intel feeds in with a Bro cluster?
> Or does anyone know if the Critical Stack client is supported in a
> cluster environment?
>
> Thanks
> Shane
>
> _______________________________________________
> Bro mailing list
> bro at bro-ids.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20180130/e0f1e291/attachment.html
More information about the Bro
mailing list