[Bro] Is it applicapable to specific target ip using command line in bro?
Siwek, Jonathan Luke
jsiwek at illinois.edu
Tue Dec 6 07:24:04 PST 2011
> bro -r xxx.pcap yyyy.bro.
> But here the bro script can't get the target ip through this kind of command.
> Is there any mechanism in bro to fulfull this requirement?
You can set any &redef variable from the command line. e.g. if yyyy.bro contains:
const target_ip: addr &redef;
event bro_init()
{
print target_ip;
}
Then you can do the following:
$ bro yyyy.bro target_ip=1.2.3.4
1.2.3.4
Does that help?
+Jon
More information about the Bro
mailing list