[Bro] Yara integration with Bro 2.5

Brian Wylie briford.wylie at gmail.com
Wed Apr 12 14:11:23 PDT 2017


Erik has a good point about overhead. So for offloading (and because I love
Python) I threw together the Bro to Python repo and added a yara example.

Might be useful if you like Python.. shrug...donno... just throwing it out
there :)

- https://github.com/Kitware/BroThon

On Wed, Apr 5, 2017 at 7:02 AM, erik clark <philosnef at gmail.com> wrote:

> Er, doesn't this come with massive overhead? Also, file inspection rules
> are non-trivial. Given the number of files that bro processes, it seems
> that on anything other than a very tiny link this would cause giant
> problems...