[Bro-Dev] Bro package granularity
Jan Grashöfer
jan.grashoefer at gmail.com
Mon Jan 22 10:38:46 PST 2018
Hi,
packaging some POC-seen scripts for the intel framework I was wondering
what would be the preferred granularity of Bro packages. In case of seen
scripts, it feels extreme to generate a package for every script.
So one approach would be to group them into a single package and let the
user load the single scripts on demand. But, some of the scripts might
depend on other packages. These packages would be suggested during
install. Assuming a minimal install this could lead to a couple of
scripts, that spit errors if loaded. So if someone decides to load the
scripts later, he or she might forgot about the dependencies. In that
case it would be nice if one could check either for the availability of
certain identifiers (lookup_ID didn't work for me due to type clash in
comparison) or a package.
What would be the preferred way?
Thanks,
Jan
More information about the bro-dev
mailing list