[Bro] Intel Framework Question

Jon Schipp jonschipp at gmail.com
Tue Jan 13 14:22:17 PST 2015


Also, CIF has a Bro output plugin. The following article on the Bro
Blog covers using both of the aforementioned tools
http://blog.bro.org/2014/01/intelligence-data-and-bro_4980.html

On Tue, Jan 13, 2015 at 4:19 PM, Jon Schipp <jonschipp at gmail.com> wrote:
> $ wget https://raw.githubusercontent.com/jonschipp/mal-dnssearch/master/tools/mal-dns2bro.sh
> :)
>
> On Tue, Jan 13, 2015 at 3:59 PM, anthony kasza <anthony.kasza at gmail.com> wrote:
>> Python is nice. I think Jon Schipp has a script or two that assists in
>> converting indicators too.
>>
>> -AK
>>
>> On Jan 13, 2015 1:38 PM, "Damon Rouse" <damonrouse at gmail.com> wrote:
>>>
>>> I've just started playing with the intel framework and have a question for
>>> everyone.  How are people automating the conversion of their intel data
>>> (threat feeds, etc.) into the format the BRO intel files require?
>>>
>>> Are there any solutions out there to automate this?
>>>
>>> Thanks
>>> Damon
>>>
>>> _______________________________________________
>>> Bro mailing list
>>> bro at bro-ids.org
>>> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro
>>
>
>
>
> --
> Jon Schipp,
> jonschipp.com, sickbits.net, opennsm.ncsa.illinois.edu



-- 
Jon Schipp,
jonschipp.com, sickbits.net, opennsm.ncsa.illinois.edu

