[Bro] TCP connection summaries
Jon Schipp
jonschipp at gmail.com
Sat Sep 28 08:00:47 PDT 2013
To pass a BPF try ``-f tcp''
On Sat, Sep 28, 2013 at 8:07 AM, Laleh Arshadi <la_arshadi at yahoo.com> wrote:
> Hi all
>
> I see that you can get a connection summary log of an offline pcap traffic
> file by running bro with a simple command line as:
> bro -r traffic_file_name
> I have tested this command and it works well. But I am only interested in
> TCP connection summaries so I tried:
> bro -r traffic_file_name tcp
> But I get an error indication 'tcp' as unkown. What have I missed here?
>
> Regards
> L. Arshadi
>
> _______________________________________________
> Bro mailing list
> bro at bro-ids.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro
>
--
Jon Schipp,
jonschipp.com, sickbits.net
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20130928/34529e80/attachment.html
More information about the Bro
mailing list