[Bro] TCP connection summaries
jonschipp at gmail.com
Sat Sep 28 08:00:47 PDT 2013
To pass a BPF try ``-f tcp''
On Sat, Sep 28, 2013 at 8:07 AM, Laleh Arshadi <la_arshadi at yahoo.com> wrote:
> Hi all
> I see that you can get a connection summary log of an offline pcap traffic
> file by running bro with a simple command line as:
> bro -r traffic_file_name
> I have tested this command and it works well. But I am only interested in
> TCP connection summaries so I tried:
> bro -r traffic_file_name tcp
> But I get an error indication 'tcp' as unkown. What have I missed here?
> L. Arshadi
> Bro mailing list
> bro at bro-ids.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Bro