[Bro] Newbie at bro, some questions

Dane Wullen brot212 at googlemail.com
Mon Sep 26 13:17:11 PDT 2016


Hi there,

You can read in trace files via a command shell:

bro -r <your_trace_file>

Bro will then generate log files in the directory where you run the command.

To test a bro-script with a trace file you could run the command

bro -r <your_trace_file> <your_bro_script>

Cheers

On 26.09.2016 at 22:01, Yagyesh Srivastava wrote:
> Hi,
>
>
> I am very new to Bro, I don't quite fully understand how traces work.
> What I need to do is generate some attack traffic to test the changes 
> I am trying to make. I see there are some traces in Bro, how do these 
> work?
> As in, how can I use those to test with Bro?
>
> Also in the Bro traces, I don't find the traffic for DoS attack and SQL 
> injection attack, can we find the traces for these somewhere else?
>
> Thanks and regards
> Yagyesh
