[Bro] (no subject)

hasssan ibra has2an1 at yahoo.com
Wed Oct 8 00:51:39 PDT 2008

Hi to All,

Does anybody know how I can get the hot attribute from the connection record structure to be a column in the connection log file, and also the same for the attribute logged_in, which determines if the host is logged in (1) or not (0)?

To be more clear, I am trying to get a log file from Bro which is similar to the KDD'99 data set.
It has these attributes:

duration, protocol_type, theService, flag (== state in Bro connection record struct), src_bytes, dst_bytes, hot, logged_in, theCount, srv_count, serror_rate, rerror_rate, srv_rerror_rate, same_srv_rate, diff_srv_rate, srv_diff_host_rate, dst_host_count, dst_host_srv_count, dst_host_diff_srv_rate, dst_host_same_src_port_rate, dst_host_serror_rate, dst_host_srv_serror_rate, dst_host_rerror_rate, dst_host_srv_rerror_rate, attack_type and many others

The red attributes are important to me, and natively this dataset is generated by using Bro and another programme.

I would be very grateful if you could help me.
Thanks in advance for your help,
