[Bro] Basic Question

Justin Thomas justin at justinthomas.name
Wed Dec 5 21:55:48 PST 2012


I'm pretty new to Bro and am just trying to understand how to go about
getting events programmatically from the sensor (10.0.0.1). Here's my test
scenario.

I see entries constantly being added to the ssl.log file. Since this is a
pretty busy file, I decide to try to register an event handler (using
ipython) to capture those events on a separate system (using the python
interface):

from broccoli import *
bc = Connection("10.0.0.1:47760")

@event
def ssl_conn_attempt(connection, version, ciphers):
    print connection, version, ciphers

while True:
    bc.processInput()

But I never see my callback triggered even though I see constant activity
in the ssl.log file. What am I doing wrong?

Thanks in advance!
Justin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20121205/6177de00/attachment.html 


More information about the Bro mailing list