[Bro] bro script/code sharing
filus at psc.edu
Wed Mar 30 15:37:33 PDT 2016
Hoping not to reinvent the wheel or duplicate work, but didn't find much
via google or in git.
Any info/pointers/code to the following areas would be greatly appreciated:
1. dDoS detection script
This was a list topic back in 9/14.
The thread hinted that a script was sent, but I didn't see one in
email or the list archive.
2. bro log reporting
Back in the 2.0/BroLite days, there was 'site-report.pl' that could
generate daily summaries from bro logs.
Anyone using anything similar for recent releases?
3. bro 'configurator'
The dream is for a web interface you could use to configure and
inspect a bro deployment.
Something that scans all the code(base/policy/site) for
modules/vars/notices and generates HTML.
thanks in advance!
More information about the Bro