[Bro] Implementing broping.c in broscript

Seth Hall seth at icir.org
Thu Oct 10 11:05:13 PDT 2013


On Oct 10, 2013, at 12:59 PM, James Hook <jamesfhook at gmail.com> wrote:

> redef Communication::nodes += {
>      ["broping2"] = [$host = 127.0.0.1, $p = 47758/tcp, $events = /pong/, $connect=T, $ssl=F]

It sounds like you want your Bro node to subscribe to ping events since that's what your broccoli application is sending.  If you have it listening for pong, the C application might send the ping event, but Bro won't listen to it since it's only listening for pong events.

You could even make Bro listen for all events like this (not recommended for anything other than testing)…

>      ["broping2"] = [$host = 127.0.0.1, $p = 47758/tcp, $events = /.*/, $connect=T, $ssl=F]


  .Seth

--
Seth Hall
International Computer Science Institute
(Bro) because everyone has a network
http://www.bro.org/
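
The subscription suggested in the reply above, as an added sketch that is not code from the thread or from the Bro project. Host, port and node name are copied from the quoted config. The `ping`/`pong` event signatures are an assumption modelled on the stock broping example and must match what the Broccoli client actually sends.

```bro
# Added example, not from the original message.
# Assumed event signatures (modelled on the stock broping ping/pong events).
global ping: event(src_time: time, seq: count);
global pong: event(src_time: time, dst_time: time, seq: count);

redef Communication::nodes += {
	# Request only the event the peer sends. A narrow pattern keeps the
	# node from accepting arbitrary remote events, unlike /.*/.
	["broping2"] = [$host = 127.0.0.1, $p = 47758/tcp, $events = /ping/,
	                $connect=T, $ssl=F]
};

event ping(src_time: time, seq: count)
	{
	print fmt("ping received, seq %d", seq);
	# Raised locally; the peer receives it if it has requested pong.
	event pong(src_time, current_time(), seq);
	}
```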
