What version of bro are you using?
On February 10, 2020 at 18:20:11, Beneduce, Kristen (kben...@sandia.gov) wrote: Hello, I’m trying to configure Metron bro plugin by following instructions here: https://github.com/apache/metron-bro-plugin-kafka/. I’m unable to build the plugin. I built Zeek from source and tried using ‘zkg’ (zeek package manger) as well as manual installing the plugin. During manual installation the flag in “./configure —bro-dist=…” is not recognized. Any assistance you can provide much appreciated! Thank you, Kris ---------------------------- user@host:~/zeek/librdkafka-0.11.5# zkg install apache/metron-bro-plugin-kafka --version master The following packages will be INSTALLED: zeek/apache/metron-bro-plugin-kafka (master) Verify the following REQUIRED external dependencies: (Ensure their installation on all relevant systems before proceeding): from zeek/apache/metron-bro-plugin-kafka (master): librdkafka ~0.11.5 Proceed? [Y/n] Y zeek/apache/metron-bro-plugin-kafka asks for LIBRDKAFKA_ROOT (Path to librdkafka installation tree) ? [/root/zeek/librdkafka-0.11.5] /usr/local/lib Saved answers to config file: /root/.zkg/config *Running unit tests for "zeek/apache/metron-bro-plugin-kafka"* *error: failed to run tests for zeek/apache/metron-bro-plugin-kafka: package build_command failed, see log in /root/.zkg/logs/metron-bro-plugin-kafka-build.log* Proceed to install anyway? [N/y] user@host:~/zeek/librdkafka-0.11.5# less /root/.zkg/logs/metron-bro-plugin-kafka-build.log === STDERR === === STDOUT === *Cannot determine Bro source directory, use --bro-dist=DIR.* */root/.zkg/logs/metron-bro-plugin-kafka-build.log (END)*
