[Zeek] Running Script in a Cluster
Joseph Kvedaras
jokvedaras at gmail.com
Fri Aug 9 06:38:48 PDT 2019
Hey,
I'm working with Zeek scripts and I am running in an issue getting my
script to execute when zeek is running as a cluster. The script executes
when I start zeek w/ a pcap file. The script executes when I start zeek on
the command line, bind to the interface, and playback that pcap. The
script does not execute when I start zeek as cluster and playback the pcap
file. Other scripts, like 'extract-all-files.bro' run all 3 ways but in
the cluster, will not write my added print outs to the stdout file in
cluster mode. I have also confirmed that my scripts are being loaded by
the logging module when I run "zeekctl diag". I feel like I'm missing
something. Does anyone know what it is?
Thanks
--
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/zeek/attachments/20190809/844f0c88/attachment.html
More information about the Zeek
mailing list