[Bro] using bro for file extraction
Earl Eiland
earl.eiland at root9b.com
Mon Aug 31 12:17:11 PDT 2015
I want to use bro to extract files for external analysis. Bro::FileDataEvent appears to be the proper approach. However, I’m not finding the event to write a script for, nor do I know how to write to anything other than a log file.
Please advise!
Best Regards,
Earl Eiland,
Sr. Cyber Security Engineer,
Emerging Technologies, root9B,
San Antonio, Texas
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20150831/50f7dec6/attachment.html
More information about the Bro
mailing list