[Bro-Dev] [JIRA] (BIT-1580) Add ipv6 detection to conn.log

Johanna Amann (JIRA) jira at bro-tracker.atlassian.net
Sat Apr 30 20:35:00 PDT 2016

     [ https://bro-tracker.atlassian.net/browse/BIT-1580?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Johanna Amann updated BIT-1580:
    Resolution: Won't Do
        Status: Closed  (was: Open)

Just to repeat the commont from the github pull request here:


thank you very much for your pull request. Since this change only adds an additional field of data, which can already be deduced by the data that is present in conn.log, I do not think this is something we will want to add to the base scripts. While it might be convenient to have this for easy grepping in some cases, people who need this can easily add it to their own installation as a script that extends the conn.log

So - I would encourage you to change this to be a script that extends conn.log and publish it, e.g. in a bro-scripts repository in your github account. We will also create a easy way to add user scripts to bro in the future - things like these might make good candidates to be added to this.

> Add ipv6 detection to conn.log
> ------------------------------
>                 Key: BIT-1580
>                 URL: https://bro-tracker.atlassian.net/browse/BIT-1580
>             Project: Bro Issue Tracker
>          Issue Type: Patch
>          Components: Bro
>    Affects Versions: 2.4
>            Reporter: Malware Utkonos
>              Labels: IPv6
> This is an additional column added to conn.log to determine if the connection is using ipv6. The address itself makes this clear, but it is much easier to grep for T/F than examining the address.
> Pull request with patch:
> https://github.com/bro/bro/pull/70

This message was sent by Atlassian JIRA

More information about the bro-dev mailing list