[Bro] Monitoring traffic on VPC
Paweł Piszczatowski
pawelec93 at googlemail.com
Thu Mar 3 07:35:53 PST 2016
I've got a cluster set up in the cloud with a Master and two workers all in
separate VPC. They are talking using VPN and I can see the traffic from the
workers in the the master. What I'm trying to do is to have the worker
monitor the whole VPC as there will be other VMs such as honeypots etc.
I have tried port forwarding (forwarding all the traffic from the other
instances into the bro worker) however with no luck as AWS doesn't allow
port forwarding apparently.
My question is can Bro monitor whole subnets? Or is there a better solution
to monitor all of the traffic in a VPC?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20160303/d65fd2a6/attachment.html
More information about the Bro
mailing list