[Bro] Raw (eml) Email Extraction Bro 2.4
vgarramone at gmail.com
Mon Sep 28 14:27:46 PDT 2015
I would like to do full email extraction (eml) to file from STMP traffic;
should this happen naturally with the new file extraction framework?
I found this exchange from a while back, but haven't found anything more
recent on the topic:
I'm currently using Bro 2.4 and a script pretty similar to this one for
It looks like I'm getting the message content and attachments, but
apparently not the raw email.
Any tips would be greatly appreciated!
Thanks very much,
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Bro