Bro Logs location/types

Ok folks another question.

In Rock is there the normal log files (conn, dns, wierd, ect)?
Only seem to be seeing sterr, stdout, reporter, stats log file


If using the installation outlined in then it should land in the /data directory. That is also where your stdout.11:11:11-11:11:11.log are located. So it may be that you do not have any traffic coming across it it yet. Run tcpdump on the interface and see if the interface is capturing anything.


Thanks, playing with it, but having issues where the log files were not being created, (only on multiple restarts of service). I would only have the stderr, stdout, reporter, and broker. The others (conn,x509,http,dns) were not showing when running traffic. Just wanted to make sure the setup was differant because it uses Kafka *(never used kafka before)