[Bro] feeding bro cluster with parameters without restarting it
william de ping
bill.de.ping at gmail.com
Thu Mar 2 02:45:20 PST 2017
I am also now reading about PYBROKER.
Can anyone provide me with an example of how can I use PYBROKER and a
python script to update a table inside a running bro cluster (bro workers
to be exact) ?
On Thu, Mar 2, 2017 at 11:33 AM, william de ping <bill.de.ping at gmail.com>
> Hello all,
> I know that I can update bro parameters using the INPUT framework (reading
> input files and updating a table for instance).
> The thing is that the INPUT framework (STREAM) and generally reading from
> files is relatively slow.
> Can I add elements to a table inside bro from lets say a syslog message or
> any other faster method ?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Bro