[Bro] nfs analysis
muscletot at gmail.com
Fri Sep 21 17:25:40 PDT 2007
Quick question: is the documentation regarding NFS on the Bro-wiki accurate?
"Deficiency: Bro's notion of NFS is currently confined to just
knowledge of the existence of these services. It does not analyze the
particulars of different NFS operations."
I am trying to extract some NFS file access events from a trace and
cannot seem to get the nfs_request_* nfs_attempt_* event handlers to
trigger. Should I be able to?
More information about the Bro