[Bro] Connection records in a database?
Christopher Jay Manders
cjmanders at gmail.com
Fri Oct 3 09:26:21 PDT 2008
I have written a similar program in C. It imports over 2 Mill. connection
log lines in just about 20 minutes. Other scripted methods, such as via
Perl, appear to take a bit more time, CPU and RAM, which is why I chose C.
It parses logs (conn.log only right now) from Bro and puts the contents into
The code is autoconf'ed, so you might want to give it a try. I also include
the SQL Table layout I used.
I have the code up here: https://sourceforge.net/projects/bro-tools/
On Fri, Oct 3, 2008 at 4:20 AM, Seth Hall <hall.692 at osu.edu> wrote:
> On Oct 3, 2008, at 3:06 AM, Stephen Chan wrote:
> > Seth Hall wrote:
> >> I'm going to get started on a C or C++ application soon that will use
> >> Broccoli to listen to some event which would be intended for database
> >> logging.
> > Hi Seth,
> > I've got one written already, if you're interested I can send you
> > the source.
> Please! I actually just wrote one which is getting close to working,
> but I'd be happy to see your implementation.
> Seth Hall
> Network Security - Office of the CIO
> The Ohio State University
> Phone: 614-292-9721