From aid.phd at gmail.com Sat Sep 19 19:39:18 2015
From: aid.phd at gmail.com (Aid Zain)
Date: Sun, 20 Sep 2015 05:39:18 +0300
Subject: [TM] I need guide for TimeMachine in Bro?
Message-ID:

Dear All,

I want to use TimeMachine in Bro. I run Bro live, and then suspicious IPs are generated. Then I want to retrieve the payloads of those IPs' packets (based on IP address and maybe timestamp) for further analysis, to make sure whether they are really intrusions or false positives.

I have no idea about using TimeMachine. Is there any guide for this, step by step, to use and configure TM? Is TM stable now, so that I can rely on it in my current PhD research?

My Bro version: 2.3, running on Ubuntu 14.04.

Thanks