Scroll to navigation

BROCTL(8) System Administration Utilities BROCTL(8)

NAME

broctl - interactive shell for managing Bro installations

SYNOPSIS

broctl <command>

DESCRIPTION

broctl is an interactive interface for managing a Bro installation which allows you to, e.g., start/stop the monitoring or update its configuration.

Before actually running broctl you first need to edit the broctl.cfg , node.cfg , and networks.cfg files. In the broctl.cfg file, you should review the broctl options and make sure the options are set correctly for your environment. Next, edit the node.cfg file and specify the nodes that you will be running. Finally, edit the networks.cfg file and list each network (see the examples in the file for the format to use) that is considered local to the monitored environment.

OPTIONS

Report interface statistics with capstats
Check configuration before installing it
Delete working dirs (flush state) on nodes
Print broctl configuration
Perform jobs intended to run from cron
Enable/disable "cron" jobs
Print nodes' current disk usage
Output diagnostics for nodes
Execute shell command on all hosts
Update broctl installation/configuration
Print nodes' current packet counters
Print node configuration
Print status of nodes' remote connections
Print values of script variable at nodes
Run Bro (with options and scripts) on trace
Stop and then restart processing
List the Bro scripts the nodes will load
Start processing
Summarize node status
Stop processing
Show Bro processes ala top
Update configuration of nodes on the fly

Commands provided by plugins:

Show Bro processes on nodes' systems

AUTHOR

broctl was written by The Bro Project <info@bro.org>.

This manual page was written by Raúl Benencia <rul@kalgan.cc> for the Debian project (but may be used by others).

November 2014