[Bro] capture all events at one point
Robin Sommer
robin at icir.org
Thu Oct 20 11:16:56 PDT 2005
On Thu, Oct 20, 2005 at 11:54 -0400, bchen at cs.ucf.edu wrote:
> I am wondering whether I can capture all events at one point. I want to
If you run Bro with the capture-events.bro script, it will record
all events into a file events.bst. You can then use "bro -x
events.bst" to get a readable ASCII version of that file.
Is this what you're looking for?
Robin
--
Robin Sommer * Phone +1 (510) 666-2886 * robin at icir.org
ICIR/ICSI * Fax +1 (510) 666-2956 * www.icir.org
More information about the Bro
mailing list