<div dir="ltr">Hi,<br><br>I have written a similar program in C. It imports over 2 Mill. connection log lines in just about 20 minutes. Other scripted methods, such as via Perl, appear to take a bit more time, CPU and RAM, which is why I chose C.<br>
<br>It parses logs (conn.log only right now) from Bro and puts the contents into MySQL.<br><br>The code is autoconf'ed, so you might want to give it a try. I also include the SQL Table layout I used.<br><br>I have the code up here: <a href="https://sourceforge.net/projects/bro-tools/">https://sourceforge.net/projects/bro-tools/</a><br>
<br>HTH<br><br>Cheers!<br>--Christopher<br><br><br><br><br><br><br><div class="gmail_quote">On Fri, Oct 3, 2008 at 4:20 AM, Seth Hall <span dir="ltr"><<a href="mailto:hall.692@osu.edu">hall.692@osu.edu</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"><div class="Ih2E3d"><br>
On Oct 3, 2008, at 3:06 AM, Stephen Chan wrote:<br>
<br>
> Seth Hall wrote:<br>
>><br>
>> I'm going to get started on a C or C++ application soon that will use<br>
>> Broccoli to listen to some event which would be intended for database<br>
>> logging.<br>
> Hi Seth,<br>
> I've got one written already, if you're interested I can send you<br>
> the source.<br>
<br>
<br>
</div>Please! I actually just wrote one which is getting close to working,<br>
but I'd be happy to see your implementation.<br>
<div class="Ih2E3d"><br>
.Seth<br>
<br>
---<br>
Seth Hall<br>
Network Security - Office of the CIO<br>
The Ohio State University<br>
Phone: 614-292-9721<br>
<br>
_______________________________________________<br>
</div><div><div></div><div class="Wj3C7c">Bro mailing list<br>
<a href="mailto:bro@bro-ids.org">bro@bro-ids.org</a><br>
<a href="http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro" target="_blank">http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro</a><br>
</div></div></blockquote></div><br></div>