[Zeek] cluster configuration hot update
Palumbo Mauro
mauro.palumbo at aizoon.it
Fri May 3 00:52:13 PDT 2019
Hi all,
I am trying to figure out if it is possible to update the number of nodes running Zeek on a cluster configuration without restarting it. This could be a possible way to cope with increasing network traffic occuring in certain periods during a day or certain days when trafficic is expected to peak. However, restarting Zeek would cause a possible loss of data and I would rather avoid it.
As far as I understand, I can update the node.cfg file, for example with new workers, and run the deploy command in broctl to update the configuration. But this will stop and restart the workers for a short time. Is there a way to avoid it? I had a look into the cluster framework and other parts of zeek's code, but it doesn't seem so easy to me.
Thanks in advance,
Mauro
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/zeek/attachments/20190503/cb8c2476/attachment.html
More information about the Zeek
mailing list