[Bro] Developing my own writer driver
johanna at icir.org
Wed Jan 28 10:14:29 PST 2015
There is a prototype of a postgresql writer in one a branch. However, it
is seriously outdated and will not compile with current Bro versions -- it
was either based on 2.2 or 2.1. And even for old bro versions it was
The best way to learn how to write logging writers is probably to take
a look at the already existing ones - they are mostly decapsulated from
Bro and quite easy to write.
On Wed, Jan 28, 2015 at 10:29:51AM -0700, Luis Miguel Silva wrote:
> Dear all,
> I'm brand new to bro (just found out about it and tried yesterday) and I'm
> very intrigued by its capabilities.
> The documentation says we can write outputs into databases BUT, as I got to
> the logging framework documentation, it seems the only "non file based"
> writer driver available is for sqlite.
> I'm really interested in using a server based SQL instance (like
> postgresql, mysql or mariadb) AND a NoSQL service (mongodb or couchdb).
> Are there any other writer drivers available (even if they are not
> officially supported / are part of non committed contributions)?
> If not, can someone give me some pointers on how to develop extra writer
> Thank you,
> Luis Silva
> Bro mailing list
> bro at bro-ids.org
More information about the Bro