[Bro] Typical Bro use case

[Jerome Taylor]

Hello all, I am an applications engineer at a small start-up company located just North of Boston MA. Ihave been tasked to explore Bro and to write a follow on case study. I amsomewhat new to Bro. I have installed a small cluster and have been workingwith Bro for the past few months. I would like to find out how others in theBro community are using Bro.  For instance:1.    Do most people use Bro stand-alone or are youusing it in conjunction with another IDP/IPS sensor such as Snort2.    What does a typical setup look like in terms ofequipmenta.    What does your engress network load look like(i.e. data rate, traffic mix, etc.)b.    How many cores are required to handle yourtraffic load/mix3.    How are you processing the log files4.    What is the ultimate problem that you are tryingto solve I am more then happy to share my findings thus far with anyinterested party. Ultimately, I would like to turn this into a presentationthat I can share at the  next BroCom. If it makes more sense for me to take these types ofquestions off-line then I will gladly do so. Again, I am very interested infinding out how the rest of the community is using Bro so please feel free toreach out to me. Thanks in advance.. Regards,Jerome Taylor
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20150303/e9b372c8/attachment.html