[Bro] Connection records in a database?
Christopher Jay Manders
cjmanders at gmail.com
Fri Oct 3 09:26:21 PDT 2008
Hi,
I have written a similar program in C. It imports over 2 Mill. connection
log lines in just about 20 minutes. Other scripted methods, such as via
Perl, appear to take a bit more time, CPU and RAM, which is why I chose C.
It parses logs (conn.log only right now) from Bro and puts the contents into
MySQL.
The code is autoconf'ed, so you might want to give it a try. I also include
the SQL Table layout I used.
I have the code up here: https://sourceforge.net/projects/bro-tools/
HTH
Cheers!
--Christopher
On Fri, Oct 3, 2008 at 4:20 AM, Seth Hall <hall.692 at osu.edu> wrote:
>
> On Oct 3, 2008, at 3:06 AM, Stephen Chan wrote:
>
> > Seth Hall wrote:
> >>
> >> I'm going to get started on a C or C++ application soon that will use
> >> Broccoli to listen to some event which would be intended for database
> >> logging.
> > Hi Seth,
> > I've got one written already, if you're interested I can send you
> > the source.
>
>
> Please! I actually just wrote one which is getting close to working,
> but I'd be happy to see your implementation.
>
> .Seth
>
> ---
> Seth Hall
> Network Security - Office of the CIO
> The Ohio State University
> Phone: 614-292-9721
>