[Bro] Bro and Snort together

Matthias Vallentin vallentin at icir.org
Sun Oct 18 09:20:40 PDT 2015

> Anyone have used Bro and Snort together to the same live traffic?

You could give packet-bricks a shot:


It requires netmap, however. You'd use a Duplicator brick to split up
the traffic over two pipes.


More information about the Bro mailing list