[Bro] bro script/code sharing

Shane Filus filus at psc.edu
Wed Mar 30 15:37:33 PDT 2016


Hoping not to reinvent the wheel or duplicate work, but didn't find much
via google or in git.
Any info/pointers/code to the following areas would be greatly appreciated:

1. dDoS detection script
    This was a list topic back in 9/14.
    The thread hinted that a script was sent, but I didn't see one in
email or the list archive.

2. bro log reporting
    Back in the 2.0/BroLite days, there was 'site-report.pl' that could
generate daily summaries from bro logs.
    Anyone using anything similar for recent releases?

3. bro 'configurator'
    The dream is for a web interface you could use to configure and
inspect a bro deployment.
    Something that scans all the code(base/policy/site) for
modules/vars/notices and generates HTML.

thanks in advance!


More information about the Bro mailing list