[Bro] Encrypting bro logs before storing to disk
Siwek, Jonathan Luke
jsiwek at illinois.edu
Thu Aug 8 13:34:30 PDT 2013
> I would like get feedback on whether this seems right and if I missing something that has already been done and can be used without this hack.
That approach (changing every place the Ascii writer does a write in the C++ land) sounds like it would work. And if the encryption behavior were made toggle-able (possibly via some script-land variables that could be set/redef'd), that would make a patch to do such a thing more acceptable.
More information about the Bro