[Bro] Newb with a couple questions

anthony kasza anthony.kasza at gmail.com
Wed Mar 13 15:14:38 PDT 2013

Depending on what you are trying to accomplish, you can filter the
data by protocol after it's been written to the conn.log file with
bro-cut or awk.


On Wed, Mar 13, 2013 at 4:13 PM, James Lay <jlay at slave-tothe-box.net> wrote:
> Hey all!
> I am wondering how to filter protocols from the conn.log?  I've been
> looking at:
> http://www.bro.org/documentation/logging.html#filtering
> But that seems to point to filtering columns, and not protocols.
> Thanks for any insight.
> James
> _______________________________________________
> Bro mailing list
> bro at bro-ids.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro

More information about the Bro mailing list