[Bro] "services" variable referenced in known-services.bro
Seth Hall
seth at icir.org
Fri Jun 5 11:59:36 PDT 2015
> On Jun 5, 2015, at 2:46 PM, Earl Eiland <earl.eiland at root9b.com> wrote:
>
> That helps a lot. When I run DPD, the various logs show that traffic is being correctly parsed. It seems that the information should appear in conn.log's service column, particularly when DPD is invoked from the command line. This, however, is not the case. What am I overlooking?
Could you show a little more concretely how you’re running Bro? Ideally you could provide a pcap that shows what you’re seeing although I understand if you’re unable to do that.
.Seth
--
Seth Hall
International Computer Science Institute
(Bro) because everyone has a network
http://www.bro.org/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 495 bytes
Desc: Message signed with OpenPGP using GPGMail
Url : http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20150605/54bd6bb1/attachment.bin
More information about the Bro
mailing list