FG-WARN: read_bro_notice_log - I/O operation failed. -

A3sal0n / FalconGate

A smart gateway to stop cyber criminals - Sponsored by Falcon Guard

https://falconguard.cz

GNU General Public License v3.0

252 stars 59 forks source link

FG-WARN: read_bro_notice_log - I/O operation failed. - #17

Closed lmolent closed 7 years ago

lmolent commented 7 years ago

Every 5 seconds in log: Mar 19 12:35:54 falcongate logparser.run[132]: FG-WARN: read_bro_notice_log - I/O operation failed. -

File /usr/local/bro/logs/current/notice.log doesn't exists.

lmolent commented 7 years ago

Hm, after few minutes is notice.log created.

A3sal0n commented 7 years ago

This is how Bro works. It won't create a log file unless there are events to insert. Usually the notice.log is missing for longer time because it's meant to hold just events reported if certain anomalies are present in your network. For example failed SSL certificate validation events and port scans.