[Bro] question about tcpdump logging
Christian Kreibich
christian at whoop.org
Fri Apr 15 12:23:58 PDT 2005
Hi Scott,
check out the -w flag as described on
http://www.bro-ids.org/Bro-reference-manual/Flags.html#Flags
Cheers,
Christian.
On Fri, 2005-04-15 at 09:56 -0700, Scott Kelly wrote:
> The Bro documentation mentions a capability for logging packets in
> tcpdump format:
>
> http://bro-ids.org/Bro-reference-manual/tcpdump-save-file-that-Bro-write
> s.html
>
> But I can't find any further references or figure out how this is done.
> I looked back through the archives a bit, but don't have time to
> thoroughly scour them for any reference. Can anyone help?
>
> Thanks,
>
> Scott
--
________________________________________________________________________
http://www.cl.cam.ac.uk/~cpk25
http://www.whoop.org
More information about the Bro
mailing list