[Bro] Store PCAP logs
Slagell, Adam J
slagell at illinois.edu
Mon Aug 3 06:30:38 PDT 2015
Bro can analyze pcaps, but it doesn't generate them.
Wireshark isn't really a log analyzer, but a raw traffic analyzer/GUI.
There are Bro plugins for Splunk. It works well.
> On Aug 3, 2015, at 8:19 AM, 陈昱竹 <billcyz at gmail.com> wrote:
>
> Hello,
>
> I've installed Bro IDS on my computer, and I want to know is it possible to make Bro generate pcap logs? Because I want to use Wireshark to analyze Bro logs.
> Another question: has anyone tried Splunk to analyze Bro logs? Can anyone give me some advice?
>
> Any help would be great. Thank You.
> _______________________________________________
> Bro mailing list
> bro at bro-ids.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro