[Bro] Bro on other Packet Trace Dumps.

Christoph Göldi goeldich at ee.ethz.ch
Sat Mar 19 05:11:36 PST 2005


If you have tcpdump files, you can easily do this with the -r flag:

> bro -r example.trace brolite

See page 9 and the following pages in the reference manual.

Have fun

--On Saturday, 19 March 2005 14:31 +1100 Dana Zhang <berry1.0 at gmail.com>

> Hi, I'm new to bro and what I would like to do is run bro on 38 hours
> of packet traces that I've acquired from another website.
> Is there any simple way to do this?
> I'm a bit confused as to how to do this because I don't want to monitor
> the traffic of my own website/network but analyse data that I
> extracted from another source.