Tuesday, April 8, 2008

An Interactive Shell For Operating Bro Setups

For the Bro Cluster, we are developing an interactive shell to facilitate easy operation of such multi-system setups. The shell provides a customizable framework for all the common tasks involved in maintaining a Bro setup, such as configuration & installation, log rotation & archival, mail notifications, profiling, etc.

While we originally intended the shell to be used with clusters, it seems only natural to provide the same functionality for traditional, single-system Bro setups as well. Consequently, we added a standalone mode to the shell, and the freshly updated shell documentation explains how to set this up.

Be careful, though: this is still under development and requires an unstable development version of Bro. Things are still in flux, and the shell is not suitable for production use at this time. If, however, the standalone mode turns out to work well, it might at some point replace Bro's current BroLite run-time framework, which is no longer maintained.
