[Bro] importing bro rules

Seth Hall seth at icir.org
Mon Jun 3 19:11:15 PDT 2013


On Jun 3, 2013, at 3:02 PM, Oğuz Yarımtepe <oguzyarimtepe at gmail.com> wrote:

> Is there any way to use bro rules at an external program. I want to detect raw traffic anomalies/attacks and instead of installing Bro i wonder whether i can just use the rules and parse them to gather some information. Maybe there exists an already written solution?

I believe you are misunderstanding Bro.  Please give it a try instead of trying to avoid it. :)

  .Seth

--
Seth Hall
International Computer Science Institute
(Bro) because everyone has a network
http://www.bro.org/





More information about the Bro mailing list