metron bro kafka has not been updated to work with bro > 2.6 yet unfortunately.
On February 11, 2020 at 11:33:57, Beneduce, Kristen ([email protected]) wrote: Hello Otto, Zeek version 3.1.0-dev.548 Is there a known compatible version I should install? Thank you! Kris *From:* Otto Fowler <[email protected]> *Sent:* Tuesday, February 11, 2020 7:49 AM *To:* [email protected] *Subject:* [EXTERNAL] Re: zeek metron-bro-plugin-kafka plugin build errors What version of bro are you using? On February 10, 2020 at 18:20:11, Beneduce, Kristen ([email protected]) wrote: Hello, I’m trying to configure Metron bro plugin by following instructions here: https://github.com/apache/metron-bro-plugin-kafka/. I’m unable to build the plugin. I built Zeek from source and tried using ‘zkg’ (zeek package manger) as well as manual installing the plugin. During manual installation the flag in “./configure —bro-dist=…” is not recognized. Any assistance you can provide much appreciated! Thank you, Kris ---------------------------- user@host:~/zeek/librdkafka-0.11.5# zkg install apache/metron-bro-plugin-kafka --version master The following packages will be INSTALLED: zeek/apache/metron-bro-plugin-kafka (master) Verify the following REQUIRED external dependencies: (Ensure their installation on all relevant systems before proceeding): from zeek/apache/metron-bro-plugin-kafka (master): librdkafka ~0.11.5 Proceed? [Y/n] Y zeek/apache/metron-bro-plugin-kafka asks for LIBRDKAFKA_ROOT (Path to librdkafka installation tree) ? [/root/zeek/librdkafka-0.11.5] /usr/local/lib Saved answers to config file: /root/.zkg/config *Running unit tests for "zeek/apache/metron-bro-plugin-kafka"* *error: failed to run tests for zeek/apache/metron-bro-plugin-kafka: package build_command failed, see log in /root/.zkg/logs/metron-bro-plugin-kafka-build.log* Proceed to install anyway? [N/y] user@host:~/zeek/librdkafka-0.11.5# less /root/.zkg/logs/metron-bro-plugin-kafka-build.log === STDERR === === STDOUT === *Cannot determine Bro source directory, use --bro-dist=DIR.* */root/.zkg/logs/metron-bro-plugin-kafka-build.log (END)*
