change policy at run time

bchen · June 7, 2005, 1:20am

Hi all,
Is there any way that I can change policy at run time, i.e, adjust some
sensitivity parameters without stopping and restarting Bro?
When will Bro have the capability of reading disk files?

thanks

Bing

robin · June 8, 2005, 7:14am

Is there any way that I can change policy at run time, i.e, adjust some
sensitivity parameters without stopping and restarting Bro?

Yes, in fact there is. In a nutshell: run Bro with checkpoint.bro.
Then, if you want to change something, edit the config and start Bro
with option -g. The new instance will dump its config into
.state/config.bst and exit. Then you can copy config.bst into the
running Bro's .state directory and it will pick it up.

Caveat: This is still experimental; I don't think that many people
have played with it yet...

When will Bro have the capability of reading disk files?

Not sure. I think there are plans for supporting script-level
input/output eventually, but I don't know if anybody is already
working on it.

Robin

Topic		Replies	Views
change policy at run time Zeek	1	59	May 6, 2022
login.bro policy run-time error Zeek	2	81	May 6, 2022
Adding policies & bro.cfg Zeek	1	73	May 6, 2022
Hi Zeek	1	64	May 6, 2022
Error Bro install Zeek	9	79	May 6, 2022

change policy at run time

Related Topics