[Bro] Bro Log Analysis - by CIDR

Ryan iamreck at gmail.com
Wed Apr 29 06:42:33 PDT 2015

I'm looking at analyzing bro logs, filtering by an arbitrary CIDR.

Before I go write a Python script that will handle this - I was wondering
if something already existed.

As an example -

    zcat ssl.12\:00\:00-13\:00\:00.log.gz | bro-cut server_name id.orig_h |

I was also contemplating modifying bro-cut to handle this.
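One way to do the CIDR filtering asked about above, as an added example that is not part of the original post and not code from the Bro project: a Python filter over tab-separated `bro-cut` output. The script name `cidr_filter.py`, the function names and the sample rows are assumptions made for illustration.

```python
import ipaddress
import sys


def parse_networks(cidrs):
    """Parse CIDR strings; strict=False accepts host bits set (10.1.2.3/8)."""
    return [ipaddress.ip_network(c, strict=False) for c in cidrs]


def filter_by_cidr(lines, networks, column):
    """Yield tab-separated lines whose field `column` (0-based) holds an
    address that falls inside any of `networks`."""
    for line in lines:
        line = line.rstrip("\n")
        if not line or line.startswith("#"):    # Bro header/footer lines
            continue
        fields = line.split("\t")
        if column >= len(fields):                # short or malformed row
            continue
        try:
            addr = ipaddress.ip_address(fields[column])
        except ValueError:                       # "-" (unset) or not an address
            continue
        # Only compare against networks of the same IP version.
        if any(addr.version == n.version and addr in n for n in networks):
            yield line


# Constructed sample of `bro-cut server_name id.orig_h` output.
SAMPLE = [
    "www.example.com\t10.1.2.3",
    "mail.example.org\t192.168.5.9",
    "-\t10.200.0.7",
    "cdn.example.net\t2001:db8::15",
    "bad.example.net\t-",
]

if __name__ == "__main__":
    # Hypothetical usage: ... | bro-cut server_name id.orig_h \
    #                         | python3 cidr_filter.py 1 10.0.0.0/8
    col = int(sys.argv[1])
    nets = parse_networks(sys.argv[2:])
    for row in filter_by_cidr(sys.stdin, nets, col):
        print(row)
```

The column argument is the 0-based position of the address field in the `bro-cut` output, so `1` selects `id.orig_h` in the pipeline from the post.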
