[Bro] minimalistic bro setup
william de ping
bill.de.ping at gmail.com
Tue Apr 4 03:07:25 PDT 2017
Hi all,
I would like to make bro real thin by not loading all unnecessary
plugins\analyzers.
I have tweaked init-bare and init-default scripts, yet when I see the
loaded-scripts, I see that many plugins are loaded.
How can I turn off plugins effectively ?
when I edit base/bif/plugins/__load__.bro to not load ,say, FTP, I get
many errors that some FTP fields are not recognized and preventing the
cluster from running.
I basically need only UDP and DNS events and have no need for the moment
for other down stream analyzers\plugins.
Thanks in advance
B
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20170404/433b0008/attachment.html
More information about the Bro
mailing list