[Bro] Inconsistent results

Ben Mixon-Baca bmixonb1 at cs.unm.edu
Fri Jul 22 19:25:16 PDT 2016


Is there any reason to expect Bro to give inconsistent output when
running a script on trace files? I have a script that uses SumStats to
fire off an observation in the tcp_packet event to save the payload for
later analysis. I seem to be running into an issue where I count a
smaller number of observed tcp_packet events than I should actually be
seeing.


-- 
Ben
