Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-01 22:28:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
zeek/INSTALL
Jon Siwek 5288e7a7c9 Adding "install-aux" target + updating bro-aux submodule. 
And INSTALL file updates + format tweaks.
2011-09-19 14:53:39 -05:00

108 lines
3.5 KiB
Text
Raw Blame History

==============
Installing Bro
==============
Prerequisites
=============
Bro relies on the following libraries and tools, which need to be installed
before you begin:
* A C/C++ compiler
* Libpcap headers and libraries
Network traffic capture library
* Flex (Fast Lexical Analyzer)
Flex is already installed on most systems, so with luck you can
skip having to install it yourself.
* Bison (GNU Parser Generator)
This comes with many systems, but if you get errors compiling
parse.y, you will need to install it.
* Perl
Used only during the Bro build process
* sed
Used only during the Bro build process
* BIND8 headers and libraries
These are usually already installed as well.
* OpenSSL headers and libraries
For analysis of SSL certificates by the HTTP analyzer, and
for encrypted Bro-to-Bro communication. These are likely installed,
though some platforms may require installation of a 'devel' package
for the headers.
* CMake 2.6 or greater
CMake is a cross-platform, open-source build system, typically
not installed by default. See http://www.cmake.org for more
information regarding CMake and the installation steps below for
how to use it to build this distribution. CMake generates native
Makefiles that depend on GNU Make by default.
Bro can also make uses of some optional libraries if they are found at
installation time:
* Libmagic
For identifying file types (e.g., in FTP transfers).
* LibGeoIP
For geo-locating IP addresses.
* Libz
For decompressing HTTP bodies by the HTTP analyzer, and for
compressed Bro-to-Bro communication.
Installation
============
To build and install into ``/usr/local/bro``::
> ./configure
> make
> make install
This will perform an out-of-source build into a directory called
``build/``, using default build options. It then installs the Bro binary
into ``/usr/local/bro/bin``. Depending on the Bro package you
downloaded, there may be auxiliary tools and libraries available in the
``aux/`` directory. All of them except for ``aux/bro-aux`` will also be
built and installed by doing ``make install``. To install the programs
that come in the ``aux/bro-aux`` directory, additionally use ``make
install-aux``. There are ``--disable`` options that can be given to the
configure script to turn off unwanted auxiliary projects.
You can specify a different installation directory with::
> ./configure --prefix=<dir>
Note that ``/usr`` and ``/opt/bro`` are standard prefixes for binary
packages to be installed, so those are typically not good choices
unless you are creating such a package.
Run ``./configure --help`` for more options.
Running Bro
===========
Bro is a complex program and it takes a bit of time to get familiar
with it. A good place for newcomers to start is the quick start guide
available here:
http://www.bro-ids.org/documentation/quickstart.html
For developers that wish to run Bro from the the ``build/`` directory
after performing ``make``, but without performing ``make install``, they
will have to first set ``BROPATH`` to look for scripts inside the build
directory. Sourcing either ``build/bro-path-dev.sh`` or
``build/bro-path-dev.csh`` as appropriate for the current shell
accomplishes this and also augments your ``PATH`` so you can use Bro
without qualifying the path to it. e.g.::
> ./configure
> make
> source build/bro-path-dev.sh
> bro <options>
Reference in a new issue View git blame Copy permalink