[Bro] "services" variable referenced in known-services.bro
seth at icir.org
Fri Jun 5 11:59:36 PDT 2015
> On Jun 5, 2015, at 2:46 PM, Earl Eiland <earl.eiland at root9b.com> wrote:
> That helps a lot. When I run DPD, the various logs show that traffic is being correctly parsed. It seems that the information should appear in conn.log's service column, particularly when DPD is invoked from the command line. This, however, is not the case. What am I overlooking?
Could you show a little more concretely how you’re running Bro? Ideally you could provide a pcap that shows what you’re seeing although I understand if you’re unable to do that.
International Computer Science Institute
(Bro) because everyone has a network
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 495 bytes
Desc: Message signed with OpenPGP using GPGMail
Url : http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20150605/54bd6bb1/attachment.bin
More information about the Bro