[Bro] Trace Execution with broctl
baxterw3232 at gmail.com
Mon Apr 4 07:27:43 PDT 2011
Is there currently a way to run an offline trace using broctl?
I saw some posts about potentially having a 'read' command, but it doesn't
appear to be implemented yet.
I am really trying to understand how to modify a few things that are being
done by the broctl scripts. I get my desired results when running bro by
itself, but need to see exactly how broctl is making changes. I was able to
make some of the changes in the template scripts that are used when broctl
is installed, but there are some things I still seem to be missing.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Bro