[Bro] SSN detection script

Seth Hall seth at icir.org
Mon Aug 20 14:12:41 PDT 2012

On Aug 16, 2012, at 1:54 PM, Seth Hall <seth at icir.org> wrote:

> https://github.com/sethhall/ssn-exposure

I just added a small configuration option for this script to enable redaction on the ssn_exposure.log since users were having PII logs created for them by positive detections.

It can be enabled with:
	redef SsnExposure::redact_logs = T;

I did another little fix to remove SSNs from notices too (they weren't supposed to be there in the first place!).


Seth Hall
International Computer Science Institute
(Bro) because everyone has a network

More information about the Bro mailing list