[Bro] Interprocess Communication from BroScript
Jim Mellander
jmellander at lbl.gov
Wed Oct 2 10:48:24 PDT 2013
Hi James:
Sounds like you could use the Broccoli library to perform the task you are
envisioning: http://www.bro.org/download/README.broccoli.html
Jim Mellander
NERSC Cybersecurity
On Wed, Oct 2, 2013 at 10:08 AM, James Hook <jamesfhook at gmail.com> wrote:
> Hi all,
>
> I have some C code that analyses data (inc. URLs, domains) that I want to
> invoke from Bro to extract additional data from network data. I envisage
> this data being an extra column in the resultant bro log files.
>
> I'm fairly sure I can do this with awk retrospectively but wanted to ask
> the list whether it was possible using some of the IPC commands in the
> language. Reading the specifications for these functions there appears to
> be no way to invoke the commands and receive non-trivial output.
>
> The commands i'm looking at are
> system,system_env - returns the return code from the command (limited to
> being an integer) - i thought about returning the result into an
> environment variable, but that would require invoked command to be
> recompiled
> piped_exec - only returns true/false on success failure
>
> Has anybody else done anything similar?
> Are there anyways to load modules, call c functions (or functions in
> scripting languages) from the bro language?
>
> Thanks in advance
>
> James
>
>
> _______________________________________________
> Bro mailing list
> bro at bro-ids.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20131002/9ef87323/attachment.html
More information about the Bro
mailing list