[Bro] Guest blog: The Intelligence Framework Update
Dopheide, Jeannette M
jdopheid at illinois.edu
Mon Dec 5 08:31:55 PST 2016
Guest blogger, Jan Grashöfer, has written a blog about updates to the Bro Intelligence Framework.
You can read the full post here, below is a summary:
http://blog.bro.org/2016/12/the-intelligence-framework-update.html
Summary
This blog post discusses the data model of Bro's intelligence framework and the new remove function. Furthermore the intelligence expiration and match extension mechanisms are explained. Finally the new type for subnets and the changes to the do_notice.bro script are reviewed. I hope this post could shed some light on the ideas behind Bro's intelligence framework. Have fun integrating the framework into your Bro deployment!
Thanks Jan for your contribution!
------
Jeannette Dopheide
Training and Outreach Coordinator
National Center for Supercomputing Applications
University of Illinois at Urbana-Champaign
More information about the Bro
mailing list