[Bro] Instrumentation plugin (WIP)

Clark, Gilbert gc355804 at ohio.edu
Thu Jun 18 04:26:29 PDT 2015


Hi list:

Just a quick note to say that I've been working on a plugin to support profiling bro script execution in my spare time.  The eventual goal is to make it a bit easier to profile / troubleshoot / optimize bro's performance.

I'm soliciting a bit of feedback / thoughts / opinions if folks have time and interest to spare.  Current code is here:

https://github.com/cubic1271/bro-plugin-instrumentation

There's a pretty long README in the repository.  CSV and JSON output formats are supported at present.

There's also a pretty basic web UI included in the 'ui' directory of the project that eats the JSON output and turns it into something a little more human-readable.  An example of what this looks like is available here:

https://cubic1271.github.io/bro-plugin-instrumentation/#/home

The 'What is it?' tab on that page has more information on the UI along with a short explanation of how to deploy the web application to poke through local profiling data.  The short version is that grabbing the 'gh-pages' branch of the instrumentation plugin repository and replacing the JSON files / callgraph.png with your own data, then serving with python -m SimpleHTTPServer or the like and loading in a browser should do the trick.

The example data in the above was pulled from a public example trace I found on the internet somewhere.

Questions / comments / concerns / criticism, please feel free to get in touch.

Cheers,
Gilbert Clark



More information about the Bro mailing list