[Bro] saving packet content to disk
tbi28430 at gmail.com
Tue Jun 6 06:23:18 PDT 2017
Is there a way to save the packet content to disk, for example, when
detecting the http_header event matching certain criteria (host name), how
can I get the packet payload (http_entity_data ?) and save to disk in
binary form ?
Do I need to create custom writer ?
My apology for any confusion since I am new to BRO.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Bro