[Bro] Yara integration with Bro 2.5
briford.wylie at gmail.com
Wed Apr 12 14:11:23 PDT 2017
Erik has a good point about overhead. So for offloading (and because I love
python) I threw together the Bro to Python repo and added a yara example.
Might be useful if you like Python.. shrug...donno... just throwing it out
On Wed, Apr 5, 2017 at 7:02 AM, erik clark <philosnef at gmail.com> wrote:
> Er, doesnt this come with massive overhead? Also, file inspection rules
> are non-trivial. Given the number of files that bro processes, it seems
> that on anything other than a very tiny link this would cause giant
> Bro mailing list
> bro at bro-ids.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Bro