[Bro] Connection records in a database?

Vern Paxson vern at icir.org
Sat Oct 4 16:31:41 PDT 2008

> I want to stuff connections records into a relational database (likely  
> postgres).  Has anyone done this?

Note, we have a significant research project underway for exporting Bro
events into a high-performance database for purposes of both forensics and
real-time detection of previously described activity.  We describe the
vision in our recent HotSecurity paper:


The underlying technology is partially implemented, but won't be ready
for use by others for a good while.


More information about the Bro mailing list