/tmp/bro/bro/policy/pcap.bro, line 62: error: unknown identifier log, at
or near "log"
What version of Bro are you using? 0.9 has changed "log" to "alarm". In
addition, pcap.bro that ships with the latest 0.9 doesn't have a line like
the one you show.
Vern
Its a cobbled together mess of policy scripts used at LBL on Bro 0.8.
Given your feedback, I'll go back to the drawing board. Its odd, tho', since I've run these same policy scripts on a Windows box, after porting Bro 0.9 to cygwin, without a problem..... (except for compiling nightmares - another story for another time).
Vern Paxson wrote: