[Bro] Worker Identification
matt.clemons at gmail.com
Fri Nov 21 09:06:26 PST 2014
Is there a way to extend Bro to add a "worker" field in the files.log? I'd
like to know where the packets are being processed.
I'm doing file carving and the carved files are stored locally to each
respective worker. Finding the interface the files crossed is pretty
difficult in a large network.
Also, it would be nice to extend other logs to see what traffic is crossing
what workers in order to map the network.
Maybe this is already possible, but i couldn't find much, and I'm pretty
new at brogramming.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Bro