[Bro] Newbie at bro, some questions

Dane Wullen brot212 at googlemail.com
Mon Sep 26 13:17:11 PDT 2016

Hi there,

you can read in trace files via a command shell:

bro -r <your_trace_file>

Bro will then generate log files in the directory you run the command.

To test a bro-script with a trace file you could run the command

bro -r <your_trace_file> <your_bro_script>


Am 26.09.2016 um 22:01 schrieb Yagyesh Srivastava:
> Hi,
> I am very new to bro, i dont quite fully understand how traces work.
> What i need to do is generate some attack traffic to test the changes 
> i am trying to make. I see there are some traces in bro, how do these 
> work?
> As in how can i use those to test with bro?
> Also in the bro traces, i dont find the traffic for DOS attack and sql 
> injection attack, can we find the traces for these somewhere else?
> Thanks and regards
> Yagyesh
> _______________________________________________
> Bro mailing list
> bro at bro-ids.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20160926/aee2ba59/attachment.html 

More information about the Bro mailing list