Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

There is a problem with the integration of zeek and metron-bro-plugin-kafka #369

Open
shuaidonga opened this issue May 16, 2019 · 1 comment

Comments

Projects
None yet
2 participants
@shuaidonga
Copy link

commented May 16, 2019

Start with broctl after installing metron-bro-plugin-kafka
The following error occurred:

[logger]

No core file found.

Bro 2.6-195
Linux 3.10.0-862.el7.x86_64

Bro plugins:
Apache::Kafka - Writes logs to Kafka (dynamic, version 0.3.0)

==== reporter.log

==== stderr.log
fatal error: errors occurred while initializing

==== stdout.log
max memory size (kbytes, -m) unlimited
data seg size (kbytes, -d) unlimited
virtual memory (kbytes, -v) unlimited
core file size (blocks, -c) unlimited

==== .cmdline
-U .status -p broctl -p broctl-live -p local -p logger local.bro broctl base/frameworks/cluster broctl/auto

==== .env_vars
PATH=/usr/local/bro/bin:/usr/local/bro/share/broctl/scripts:/usr/local/bro/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin:/root/bin
BROPATH=/usr/local/bro/spool/installed-scripts-do-not-touch/site::/usr/local/bro/spool/installed-scripts-do-not-touch/auto:/usr/local/bro/share/bro:/usr/local/bro/share/bro/policy:/usr/local/bro/share/bro/site
CLUSTER_NODE=logger

==== .status
TERMINATED [atexit]

==== No prof.log

==== No packet_filter.log

==== loaded_scripts.log

[manager]

Bro 2.6-195
Linux 3.10.0-862.el7.x86_64

Bro plugins:
Apache::Kafka - Writes logs to Kafka (dynamic, version 0.3.0)

==== No reporter.log

==== No stderr.log

==== No stdout.log

==== No .cmdline

==== No .env_vars

==== No .status

==== No prof.log

==== No packet_filter.log

==== No loaded_scripts.log

[proxy-1]

Bro 2.6-195
Linux 3.10.0-862.el7.x86_64

Bro plugins:
Apache::Kafka - Writes logs to Kafka (dynamic, version 0.3.0)

==== No reporter.log

==== No stderr.log

==== No stdout.log

==== No .cmdline

==== No .env_vars

==== No .status

==== No prof.log

==== No packet_filter.log

==== No loaded_scripts.log

[worker-1-1]

Bro 2.6-195
Linux 3.10.0-862.el7.x86_64

jsiwek added a commit that referenced this issue May 17, 2019

Always emit scripting errors to stderr during zeek_init
Otherwise, setting Reporter::errors_to_stderr=F causes important
error messages to be lost (and this setting is the default for
ZeekCtl).  E.g. now that we terminate if there's errors during
zeek_init, GH-369 shows that the only error message given was
"fatal error: errors occurred while initializing", which is not
helpful in determining the actual issue.
@jsiwek

This comment has been minimized.

Copy link
Member

commented May 17, 2019

The master branch should give better error messages now, else the easiest way to get the real error messages may be to temporarily edit:

/usr/local/bro/share/bro/broctl/main.bro
14:redef Reporter::errors_to_stderr = F;

To set that option to T and then re-run deploy / diag. Once you do, please report back the new error messages given.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.