[Bro] feeding bro cluster with parameters without restarting it
william de ping
bill.de.ping at gmail.com
Thu Mar 2 01:33:46 PST 2017
I know that I can update bro parameters using the INPUT framework (reading
input files and updating a table for instance).
The thing is that the INPUT framework (STREAM) and generally reading from
files is relatively slow.
Can I add elements to a table inside bro from lets say a syslog message or
any other faster method ?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Bro