[Bro] Running Bro on Alpine

Daniel Thayer dnthayer at illinois.edu
Tue Sep 18 12:58:02 PDT 2018


On 9/18/18 1:23 PM, Mike M wrote:
> Daniel,
> 
> Thanks for the help. I rebuilt bro with those patches (although they 
> look identical to the ones I referenced earlier), making sure to grab 
> all the dependencies listed in the docker file.
> 
> I'm still seeing broctl report that bro crashed. However, what I failed 
> to notice before is that there are actually several bro processes 
> running and bro is still producing logs even when broctl reports it has 
> crashed.
> 
> I suppose I could roll my own scripts to start and stop bro, but I'd 
> prefer to actually get broctl working on alpine. Any ideas as to why 
> it's reporting inaccurate information?
> 
> thanks,
> Mike

First, I suggest running "broctl stop".  Next, make sure there
are no more bro processes running on your machine by
running "broctl ps.bro".  This command shows all bro processes
running, whereas "broctl status" only shows you the ones that
broctl knows about.  It is important to make sure there are
no bro processes running before attempting to start bro
using broctl.

-Daniel


