Good Afternoon.My questions are as follows:
Q1. I can not solve the problem when doing bro_config, and the command lines
are in the attached file config.txt .
I do not know whether my configuration is setup right.
Because I only get a log file in the /usr/local/bro/logs fold (in the
attached file info.localhost.09-06-25_13.25.33).
In the /usr/local/bro/reports folder there is no report file.
Are the report generated automatically? Or shuld I generate it by
Q2. In the quick-Start file, I find that the report example. At the end of
the report, there is a list of connections(only first 25 after alarm are
I want to ask: if there is no alarm, will there be no connections list
(such as time and byte information)?
And Bro can list only first 25 connections after alarm ?
If I want the information of all connections, how can I get that?
Thank you very much!
I am looking forward for your reply.[?]
Show replies by date