[Bro] Exfil scripts
rmarsh at salesforce.com
Thu Jan 5 14:16:57 PST 2017
I'm relatively new to Bro and would like input if there are other
exfiltration detection scripts out there other than these two:
Additionally, when I try to run the first script, I get a split string
error on this line:
local parts = split_string(key$str, /, /);
This is odd because my understanding is that the split_string function
should be built-in and part of base/bif/strings.bif.bro, and it's function
is defined here: is a defined function as per here (
Any input on either of these questions would be appreciated. Thanks!
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Bro