[Bro] Bro vs Netflow
seth at icir.org
Mon Jun 22 13:44:15 PDT 2015
> On Jun 22, 2015, at 4:37 PM, James Lay <jlay at slave-tothe-box.net> wrote:
> I took out softflowd and reverted to my previous version of logstash.conf. I have to say, it was pretty cool to have my Kibana graphs up of Bro's conn.log and softflowd side by side to compare....was pretty awesome.
Nice, did you notice any major discrepancies?
International Computer Science Institute
(Bro) because everyone has a network
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 495 bytes
Desc: Message signed with OpenPGP using GPGMail
Url : http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20150622/1e56d45a/attachment.bin
More information about the Bro