[Bro] Trace Execution with broctl

Will baxterw3232 at gmail.com
Mon Apr 4 07:27:43 PDT 2011


Is there currently a way to run an offline trace using broctl?

I saw some posts about potentially having a 'read' command, but it doesn't
appear to be implemented yet.

I am really trying to understand how to modify a few things that are being
done by the broctl scripts. I get my desired results when running bro by
itself, but need to see exactly how broctl is making changes. I was able to
make some of the changes in the template scripts that are used when broctl
is installed, but there are some things I still seem to be missing.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20110404/ae201e72/attachment.html 

More information about the Bro mailing list