[Bro] Is it applicapable to specific target ip using command line in bro?
xydarcher at 163.com
Tue Dec 6 01:01:40 PST 2011
I want to analysis traffic in/out specific host (identified by ip) in trace file,
where processing for in/out streams are different. So i would be a problem to
notify the script what is my target host. A python script was used to generate
the command lines, such as
bro -r xxx.pcap yyyy.bro.
But here the bro script can't get the target ip through this kind of command.
Is there any mechanism in bro to fulfull this requirement?
There is a way to config ip in files, but i think that would meet its limited
on multi-thread processing.
or broccoli-python suit for me? how would it communicate with a trace file based bro server?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Bro