[Bro] How to configure-control snaplen bits captured on live capture.

Luca Renaud renaud.luca at gmail.com
Wed Sep 23 19:23:05 PDT 2015


Capturing with tcpdump (for offline analysis) I generally use the following
command:

tcpdump -s 96 .......... ( -s 0 is not necessary for me most of the time)

So,using BroControl to start/stop a realtime capture and analysis how can
the captured bits be configured-controled to match our needs?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20150924/0a1e38ca/attachment.html 


More information about the Bro mailing list