[Bro] About Bro and splitting of the tcpdump trace

He Haitao billowhe_2000 at 163.com
Mon Sep 26 06:01:06 PDT 2005


I want to find a tool to split the captured trace (using tcpdump tool) into two parts: the normal sub-trace and the abnormal one which compising of network attacks detected, can the Bro do ? If not, any suggestion is perferred. 

Thanks a lot! 


More information about the Bro mailing list