[Bro] Interprocess Communication from BroScript

James Hook jamesfhook at gmail.com
Wed Oct 2 10:28:05 PDT 2013


Hi all,

I have some C code that analyses data (inc. URLs, domains) that I want to
invoke from Bro to extract additional data from network data. I envisage
this data being an extra column in the resultant bro log files.

I'm fairly sure I can do this with awk retrospectively but wanted to ask
the list whether it was possible using some of the IPC commands in the
language. Reading the specifications for these functions there appears to
be no way to invoke the commands and receive non-trivial output.

The commands i'm looking at are
system,system_env - returns the return code from the command (limited to
being an integer) - i thought about returning the result into an
environment variable, but that would require invoked command to be
recompiled
piped_exec - only returns true/false on success failure

Has anybody else done anything similar?
Are there anyways to load modules, call c functions (or functions in
scripting languages) from the bro language?

Thanks in advance

James
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20131002/fe25d87b/attachment.html 


More information about the Bro mailing list