[Bro] Is DNS Query equal to HTTP Host?

Shaleta Bennett shaleta.bennett at gmail.com
Thu Feb 13 08:21:24 PST 2014


Hi can anyone help me figure out if the dns query is the same as the http
host?

I've tried doing the following but did not get any output.

if(c$dns$query == c$http$host)
{

    #send notice to notice.log
}
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20140213/ac71345e/attachment.html 


More information about the Bro mailing list