[Bro] Getting 'standard' Bro events into Python

Brian Wylie briford.wylie at gmail.com
Thu Mar 23 12:40:35 PDT 2017

Hi All,

I'm fairly new to Bro and I have a question very similar to this one '

Basically I want the easiest/best path to get standard Bro events (conn,
http, dns, ssl, weird..etc) into Python.

1) Is broctl / python-broccoli the best path?
       - Note: in my testing I had to use broctl> start .  in order for my
python Connection() to work
       - If this isn't necessary and I can do the same with just running
Bro standalone pls let me know

2) If broctl/python-broccoli IS the best path then how do I 'subscribe' to
the standard events?
      - Is there a list of the standard events?
      - If so do I just @event with a method that has the same name as the

Sorry if these are naive questions, but so far my googling/trying/testing
has been a bit hit-miss :)

-Brian Wylie
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20170323/ba6f75dd/attachment.html 

More information about the Bro mailing list