[Bro] How filter machine name registration?
Seth Hall
seth at icir.org
Tue Oct 28 05:13:26 PDT 2014
On Oct 28, 2014, at 3:59 AM, Vito Logrillo <vitologrillo at gmail.com> wrote:
> I've tried your solution without any result.
> Below you can see the bro script that i've used
Oh, sorry. That was only part of the solution. Those records attached to the connection record are filled out by scripts, but we don't have scripts that deal with additional RRs. You will have to handle the appropriate events and write your own script to do something with the data.
.Seth
--
Seth Hall
International Computer Science Institute
(Bro) because everyone has a network
http://www.bro.org/
More information about the Bro
mailing list