[Bro] help regarding sending scripts
Jayanth Kannan
kjk at eecs.berkeley.edu
Fri May 2 09:30:35 PDT 2008
Hi,
I have a question about sending scripts from one Bro to a second one, and
having the second one install the script at run-time, and I was wondering
how it would be done. Any help appreciated! Details below.
I am running Bro at the host which needs to receive new policy scripts on
the fly from a remote Bro. I was wondering how exactly to use the
serialization framework to achieve this. Ideally, I would like to do it at
the script-level for simplicity reasons. A script at the host Bro would
handle the reception and installation of policy files. It would simply
download the file from the remote Bro, and then call a function called
"load_policy_file()" to install the script into the running Bro. I could not
find any such function to do this in the online documentation. (equivalent
of a run-time "@load"). Maybe, I missed something?
If such support is not avail, I was thinking of writing a "load_policy_file"
function for Bro that scripts could use. I was also wondering whether I
could use the "trigger" mechanism discussed in the "Policy-controlled event
management ... " paper, but the serialization framework seems heavy-weight
for this, since I am only looking to install scripts at run-time, not to
make fine-grained changes.
Thanks in advance,
Jayanth
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20080502/e952b024/attachment.html
More information about the Bro
mailing list