[Bro] Bulk editing Intel files
Michael Wenthold
michael.wenthold at gmail.com
Thu Jul 30 07:28:56 PDT 2015
I usually wind up using sed, as long as the file has the domains listed one
per line.
Something like:
sed 's/^\([a-z].*\.[a-z]\{2,6\}\)$/\1\tIntel::DOMAIN\tfeed info\tF/i'
indicators.intel
(use sed -i to save the changes to the file)
On Thu, Jul 30, 2015 at 1:57 PM, Michael Bower <mbower2 at gmail.com> wrote:
> Does anyone have something they like to use to help create/edit Intel
> files in bulk? Im trying to find a way to quickly add a lot of domains to
> one of my Intel files and I really don't want to have to added them
> individually.
>
> Thanks,
> Mike
> --
>
> Sent from my Android device
>
> _______________________________________________
> Bro mailing list
> bro at bro-ids.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20150730/3fa233a5/attachment.html
More information about the Bro
mailing list