[Bro] Traffic characteristics extraction with Bro

Duc T Ha ducha at cse.buffalo.edu
Mon Jan 22 13:55:04 PST 2007


Hi,
I am trying to extract some flow characteristics from  static data with 
Bro. I've checked the analyzer Conn.bro, but didn't find any suitable 
information.
At present, the characteristics I need are:  mean packet size and mean 
packet inter-arrival time, all per flow. Future work may require packet 
related information, also per flow.

Does anybody know how to do this ? Bro's manual doesn't provide much 
information about static traffic analysis.
Where should I start  and what should I do now?

I am also quite new with Bro, so any detail is appreciated.
Thanks in advance,
Duc.



-------------- next part --------------
A non-text attachment was scrubbed...
Name: ducha.vcf
Type: text/x-vcard
Size: 263 bytes
Desc: not available
Url : http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20070122/30c7287c/attachment.vcf 


More information about the Bro mailing list