[Bro] File extraction after checking hash.

erik clark philosnef at gmail.com
Tue Oct 4 05:47:14 PDT 2016

Can't you simply write a script that calls file extract at a later date? I
would think to hook it into file intel which runs after the file analysis
(its comparing hashes) and extract at that point, not before...
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20161004/287c4eb6/attachment-0001.html 

More information about the Bro mailing list