[Bro] Flow statistic
CS Lee
geek00l at gmail.com
Wed Oct 10 17:34:30 PDT 2007
Hi there,
Regarding flow statistics, you can do -
bro -r whatever.pcap tcp udp icmp conn
It will generate the connection summaries for you, which is pretty close to
what flow means. If you want to generate further statistics, you can use
ipsumdump + ipaggcreate.
Or if you are looking for something exactly like you have mentioned, take a
look at argus -
http://qosient.com/argus
Sometimes we really need the right tool for the right job.
--
Best Regards,
CS Lee<geekooL[at]gmail.com>
http://geek00l.blogspot.com