[Bro] Integrating bro-ids on sguil or snorby
carlopmart
carlopmart at gmail.com
Wed Sep 28 10:43:27 PDT 2011
On 09/28/2011 07:42 PM, Seth Hall wrote:
>
> On Sep 28, 2011, at 1:32 PM, carlopmart wrote:
>
>> Sorry if this question sounds stupid, but I am very new using bro as
>> an IDS. Is it possible to integrate bro logs on sguil or snorby or some
>> type of front-ends like these ones??
>
>
> I'm going to say no with the caveat that we will almost certainly have some sort of integration with those in the future.
>
> If you only look at the output of Bro in those interfaces though, you'd currently be missing out on much of the benefit since Bro does extensive protocol logging. Are you running from our repository or a released version?
>
> .Seth
I have installed released version: 1.5.3 ...
--
CL Martinez
carlopmart {at} gmail {d0t} com
More information about the Bro
mailing list