[Bro] Netflow and bro
johanna at icir.org
Tue Oct 10 10:08:32 PDT 2017
> Is there a decoder for Netflow, such that one could use bro to collect and
> log Netflow packets seen by a hardware tap, from multiple sources, in a
> similar fashion to how Bro handles syslog?
while there was support for this in the past, it was removed a while ago
(I think the last version supporting this was 1.5, and even then it was
not well tested and there were not scripts for it as far as I know).
So - sadly the answer here is no.
> Bro mailing list
> bro at bro-ids.org
More information about the Bro