[Bro] Bro and Snort together

Matthias Vallentin vallentin at icir.org
Sun Oct 18 09:20:40 PDT 2015

Previous message: [Bro] Bro and Snort together
Next message: [Bro] archive-log process apparently failing
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> Anyone have used Bro and Snort together to the same live traffic?

You could give packet-bricks a shot:

    https://github.com/bro/packet-bricks

It requires netmap, however. You'd use a Duplicator brick to split up
the traffic over two pipes.

    Matthias

Previous message: [Bro] Bro and Snort together
Next message: [Bro] archive-log process apparently failing
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Bro mailing list