[Bro-Dev] [JIRA] (BIT-1478) BPF Filter for local.bro per activated log file
Lu Goon (JIRA)
jira at bro-tracker.atlassian.net
Mon Sep 14 04:04:00 PDT 2015
Lu Goon created BIT-1478:
----------------------------
Summary: BPF Filter for local.bro per activated log file
Key: BIT-1478
URL: https://bro-tracker.atlassian.net/browse/BIT-1478
Project: Bro Issue Tracker
Issue Type: Problem
Components: Bro
Affects Versions: 2.3, 2.4
Environment: linux, mac osx,
Reporter: Lu Goon
when activating the x509.log or bro script in local.bro, can I configure a BPF filter to only affect x509? For example I only want to have events that the dust_host is our DMZ subnet. Can I configure that in the x509.bro file or some other bro configuration file?
--
This message was sent by Atlassian JIRA
(v7.0.0-OD-05-005#70102)
More information about the bro-dev
mailing list