[Bro] Store PCAP logs
dnthayer at illinois.edu
Mon Aug 3 10:06:28 PDT 2015
Bro can generate pcap files with the "-w" command-line option.
bro -i eth0 -w output.pcap
On 08/03/2015 08:14 AM, 陈昱竹 wrote:
> I've installed Bro IDS on my computer, and I want to know is it possible
> to make Bro generate pcap logs? Because I want to use Wireshark to
> analyze Bro logs.
> Another question, does anyone tried Splunk to analyze Bro logs? Can
> anyone give me some advice?
> Any help would be great. Thank You.
More information about the Bro