On Feb 26, 2016, at 9:18 PM, Johanna Amann
On Fri, Feb 26, 2016 at 10:00:25AM +0400, Zafar Pravaiz wrote:
I am running SO 14.04. This is just capturing DNS
and DHCP traffic on a
span port. Recently i ran soup and reboot the box. After that i have
noticed no DHCP log is showing up in bro log. i can see known_services
shows DHCP as service but there no dhcp.log file being generate. Any
clue what went wrong?
On a first glance I do not really have any idea what went wrong, but there
are a few things to check -
* just to verify, dns.log is still being written correctly?
Yes dns.log being update as expected.
* could you check that you see dhcp connections in
conn.log? They should
be tagged with dhcp in the service field.
yes i can see conn.log getting entries for DHCP
* could you verify that loaded_scripts.log contains
These are the scripts are being loaded