[Bro] Connection summary <???> values
Vlad Grigorescu
vladg at illinois.edu
Tue Feb 14 07:05:02 PST 2017
<???> simply means that DNS resolution failed.
Andrew Dellana <andrew.dellana at bayer.com> writes:
> Hello,
>
> For the connection summary is there a way to reformat the way the notification looks - Like put each of these on their own line? Also is there way to make the <???> value show its domain name? The <???> value shows up in both the incoming, outgoing and total sections.
>
>
>
> #1=<???> #2=(redacted) #3=<???>
>
> #4= (redacted) #5= (redacted) #6= (redacted)
>
> #7= (redacted) #8=<???> #9=<???>
>
> #10= (redacted) #11=<???> #12= (redacted)
>
> #13=<???> #14= (redacted) #15=<???>
>
> #16= (redacted) #17=<???> #18=<???>
>
> #19=<???> #20= (redacted)
>
>
>
>
> Thanks,
>
> Andrew Dellana
> Intern
> ________________________
>
> _______________________________________________
> Bro mailing list
> bro at bro-ids.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 800 bytes
Desc: not available
Url : http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20170214/d2661b25/attachment.bin
More information about the Bro
mailing list