[Bro] Developing my own writer driver

John Green john at giggled.org
Wed Jan 28 10:39:46 PST 2015


Hi Luis,
I had a similar requirement a while back and took a different approach
to get my data into Postgres by importing the output from the default
text writer.  This was largely to keep things as simple as possible on
the sensor side.

See https://github.com/j-o-h-n-g/Mortimer/blob/master/broimport.py

The code is quite dirty in places, but might give you some ideas for
possible bro<->postgres type mappings.

John

On 28 January 2015 at 17:29, Luis Miguel Silva
<luismiguelferreirasilva at gmail.com> wrote:
> Dear all,
>
> I'm brand new to bro (just found out about it and tried yesterday) and I'm
> very intrigued by its capabilities.
>
> The documentation says we can write outputs into databases BUT, as I got to
> the logging framework documentation, it seems the only "non file based"
> writer driver available is for sqlite.
>
> I'm really interested in using a server based SQL instance (like postgresql,
> mysql or mariadb) AND a NoSQL service (mongodb or couchdb).
>
> Are there any other writer drivers available (even if they are not
> officially supported / are part of non committed contributions)?
>
> If not, can someone give me some pointers on how to develop extra writer
> drivers?
>
> Thank you,
> Luis Silva
>
> _______________________________________________
> Bro mailing list
> bro at bro-ids.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro


More information about the Bro mailing list