[Bro] Getting 'standard' Bro events into Python
briford.wylie at gmail.com
Fri Mar 24 10:54:52 PDT 2017
Okay, after a bit more hunting I see the new Broker communications docs.
I see that you can wrap the broker API with SWIG, so this is all good news.
Anyone happen to have/make/point me to a small example python script that
maybe subscribes to all connection events (events that go into conn.log)?
Thanks a bunch,
On Thu, Mar 23, 2017 at 1:40 PM, Brian Wylie <briford.wylie at gmail.com>
> Hi All,
> I'm fairly new to Bro and I have a question very similar to this one '
> Basically I want the easiest/best path to get standard Bro events (conn,
> http, dns, ssl, weird..etc) into Python.
> 1) Is broctl / python-broccoli the best path?
> - Note: in my testing I had to use broctl> start . in order for my
> python Connection() to work
> - If this isn't necessary and I can do the same with just running
> Bro standalone pls let me know
> 2) If broctl/python-broccoli IS the best path then how do I 'subscribe' to
> the standard events?
> - Is there a list of the standard events?
> - If so do I just @event with a method that has the same name as the
> Sorry if these are naive questions, but so far my googling/trying/testing
> has been a bit hit-miss :)
> -Brian Wylie