[Bro] Raw (eml) Email Extraction Bro 2.4
louieamone at gmail.com
Thu Sep 3 08:15:33 PDT 2015
I would like to do full email extraction (eml) to file from STMP traffic;
should this happen naturally with the new file extraction framework?
I found this exchange from a while back, but haven't found anything more
recent on the topic:
I'm currently using Bro 2.4 and a script pretty similar to this one for
It looks like I'm getting the message content and attachments, but
apparently not the raw email.
Thanks very much!
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Bro