[Bro] Get interface from bro scripts

Ben McDowall Ben.McDowall at spark.co.nz
Sun Aug 21 02:58:07 PDT 2016


?I too am looking for this type of functionality. Currently I have one box that has about 8 interfaces on it, all looking at different network segments, its important I can identify the interface it came from, ideally I could split the logs to sit in different folders too.


Is there any plans for this in the roadmap?

________________________________
From: bro-bounces at bro.org <bro-bounces at bro.org> on behalf of Bowen Li <newfire.bw at gmail.com>
Sent: Saturday, 20 August 2016 9:47 p.m.
To: bro at bro.org
Subject: [Bro] Get interface from bro scripts

Hey all,

I am running a bro cluster and I need to distinguish different interface in bro scripts. Is there any way or build in functions to get the interface used by the current thread in bro scripts?

Any insight would be helpful.


This communication, including any attachments, is confidential. If you are not the intended recipient, you should not read it - please contact me immediately, destroy it, and do not copy or use any part of this communication or disclose anything about it. Thank you. Please note that this communication does not designate an information system for the purposes of the Electronic Transactions Act 2002.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20160821/72317530/attachment.html 


More information about the Bro mailing list