[Bro] Bro on other Packet Trace Dumps.
goeldich at ee.ethz.ch
Sat Mar 19 05:11:36 PST 2005
if you have tcpdump files, you can easily do this with the -r flag:
> bro -r example.trace brolite
see page 9 and the following in the reference manual.
--On Samstag, 19. März 2005 14:31 +1100 Dana Zhang <berry1.0 at gmail.com>
> Hi, I'm new to bro and what I would like to do is run bro on 38 hours
> of packet traces that I've aquired from another website.
> Is there any simple way to do this?
> I'm a bit confused as how to do this because I don't want to monitor
> the traffic of my own website/network but analyse data that I
> extracted from another source.
> Bro mailing list
> bro at bro-ids.org
More information about the Bro