[Bro] Question about the Intelligence framework
Ren, Wenyu
wren3 at illinois.edu
Sat Jan 3 20:25:50 PST 2015
Dear all,
I am trying to extend the current Intelligence framework to support some indicator of my own type. I am wondering how to inform the Intelligence framework that the data of my own type is discovered and it’s presence should be checked within the intelligence data set. Do you known in which file is the corresponding codes for the current supported indicator types located? The documentation for the Intelligence Framework mentioned some "package of hook scripts". Where can I find that those scripts?
Thanks a lot,
Wenyu
More information about the Bro
mailing list