[Bro] Getting flow stats from Bro
vladg at illinois.edu
Thu Feb 16 08:15:35 PST 2017
No set of scripts for this that I'm aware of. The closest thing I'm
aware of is this script for computing PCR, which might be a good
jumping-off point at least:
Jim Simpson <jim.simpson.work at gmail.com> writes:
> Is there an existing set of scripts for Bro to get flow stats?
> I'm looking for counts, avg, and std dev on small packets, large packets,
> nonempty packets, interarrival times, etc, similar to what YAF gives with
> the `--flow-stats` option. I'm also interested in the Shannon entropy of
> the payload, similar to what YAF gives with the `--entropy` option.
> - Jim
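The per-flow statistics asked about in this thread, computed offline in Python over (timestamp, payload) records for one flow. This is an added example, not code from the thread, from Bro or from YAF; the record layout, the function names and the small/large size thresholds are assumptions chosen for illustration.

```python
import math
from collections import Counter
from statistics import mean, pstdev

# Assumed payload-size thresholds in bytes; illustrative, not YAF's or Bro's definitions.
SMALL_MAX = 60
LARGE_MIN = 220

def shannon_entropy(data: bytes) -> float:
    """Shannon entropy of a byte string in bits per byte (0.0 to 8.0)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def flow_stats(packets):
    """packets: list of (timestamp_seconds, payload_bytes) for one flow, in any order."""
    pkts = sorted(packets, key=lambda p: p[0])
    sizes = [len(payload) for _, payload in pkts]
    nonempty = [s for s in sizes if s > 0]
    # Interarrival times: gaps between consecutive packets of the flow.
    gaps = [b[0] - a[0] for a, b in zip(pkts, pkts[1:])]
    payload = b"".join(p for _, p in pkts)
    return {
        "packets": len(pkts),
        "nonempty": len(nonempty),
        "small": sum(1 for s in nonempty if s < SMALL_MAX),
        "large": sum(1 for s in sizes if s >= LARGE_MIN),
        "size_avg": mean(nonempty) if nonempty else 0.0,
        "size_std": pstdev(nonempty) if nonempty else 0.0,
        "iat_avg": mean(gaps) if gaps else 0.0,
        "iat_std": pstdev(gaps) if gaps else 0.0,
        "entropy": shannon_entropy(payload),
    }

# Constructed sample flow, not real traffic.
SAMPLE = [
    (0.0, b""),                          # segment with no payload
    (0.1, b"GET / HTTP/1.1\r\n\r\n"),    # 18 bytes of text
    (0.3, bytes(range(256))),            # every byte value once
    (0.6, b"\x00" * 40),                 # constant bytes, zero entropy alone
]

if __name__ == "__main__":
    for name, value in flow_stats(SAMPLE).items():
        print(f"{name:10s} {value}")
```

Low entropy over a flow's payload points to text or padding, while values near 8 bits per byte are typical of compressed or encrypted content, which is why the figure is usually read together with the size and timing statistics rather than alone.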