[Bro] Bro Log Analysis - by CIDR
iamreck at gmail.com
Wed Apr 29 10:49:32 PDT 2015
If I do write a Python script to do this - I'm heavily inclined to use
Python 3 (for the ipaddress Module).
On Wed, Apr 29, 2015 at 9:42 AM, Ryan <iamreck at gmail.com> wrote:
> I'm looking at analyzing bro logs, filtering by an arbitrary CIDR.
> Before I go write a Python script that will handle this - I was wondering
> if something already existed.
> As an example -
> zcat ssl.12\:00\:00-13\:00\:00.log.gz | bro-cut server_name id.orig_h
> | by_CIDR.py 22.214.171.124/23
> I was also contemplating modifying bro-cut to handle this.
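
The filter discussed in this thread, as an added example that is not part of the original post or of Bro: a Python 3 script built on the ipaddress module that reads tab-separated bro-cut output and keeps rows with an address inside any given CIDR. The script name by_cidr.py, its function names and the sample rows are assumptions constructed for illustration.

```python
#!/usr/bin/env python3
"""by_cidr.py: keep bro-cut rows in which an address field falls inside a CIDR."""
import ipaddress
import sys

# Constructed sample rows (server_name, id.orig_h), documentation address ranges.
SAMPLE = [
    "#fields\tserver_name\tid.orig_h",
    "example.com\t192.0.2.10",
    "example.org\t198.51.100.7",
    "-\t192.0.3.200",
    "v6.example\t2001:db8::1",
]


def parse_networks(cidrs):
    # strict=False accepts a CIDR written with host bits set (e.g. 192.0.2.10/23)
    # and normalises it to the enclosing network instead of raising ValueError.
    return [ipaddress.ip_network(c, strict=False) for c in cidrs]


def field_in_networks(field, networks):
    try:
        addr = ipaddress.ip_address(field)
    except ValueError:
        return False  # hostnames, "-", "(empty)", ports and other non-addresses
    # An IPv4 address is never inside an IPv6 network and vice versa.
    return any(addr.version == n.version and addr in n for n in networks)


def filter_rows(lines, cidrs, columns=None):
    """Yield rows with a matching address; columns is a list of 0-based
    field indexes to test, or None to test every field."""
    networks = parse_networks(cidrs)
    for line in lines:
        row = line.rstrip("\n")
        if not row or row.startswith("#"):  # header lines from bro-cut -c
            continue
        fields = row.split("\t")
        picked = fields if columns is None else [
            fields[i] for i in columns if i < len(fields)]
        if any(field_in_networks(f, networks) for f in picked):
            yield row


if __name__ == "__main__":
    if len(sys.argv) < 2:
        sys.exit("usage: bro-cut FIELDS | by_cidr.py CIDR [CIDR ...]")
    for matched in filter_rows(sys.stdin, sys.argv[1:]):
        print(matched)
```

Restricting `columns` to the address field avoids parsing every field of wide logs and keeps a match on `id.resp_h` from being mistaken for one on `id.orig_h`.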