[Bro] Newbie question: Bro logs to OSSIM

Chris Harwood crharwood at gmail.com
Tue Aug 30 23:55:03 PDT 2016


Hi,

New to the list and working with Bro. Interested in sending Bro logs to
Alienvault OSSIM to consolidate two separate IDS and Argus systems.

Has anyone else done this or have a resource to share? The one article
describing the rsyslog config to output the logs is dated 2011 so thought
I'd ask while taking a look at the OSSIM Bro plugin.

Thanks in advance,

Chris
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20160830/4d15021d/attachment.html 


More information about the Bro mailing list