[Bro] feeding bro cluster with parameters without restarting it
jan.grashoefer at gmail.com
Thu Mar 2 02:45:57 PST 2017
> Can I add elements to a table inside bro from lets say a syslog message or
> any other faster method ?
There is a syslog analyzer you could theoretically use (
but I would strongly discourage mixing monitored traffic and control
traffic. If you want to interact with Bro, broker might be of interest
example, I have used broker to write a python script that allows to
delete intel items.
More information about the Bro