[Bro] Connection summary <???> values
Andrew Dellana
andrew.dellana at bayer.com
Thu Feb 16 07:40:23 PST 2017
Thanks! Is there a way to resolve the DNS connection issues?
Freundliche Grüße / Best regards,
Andrew Dellana
Intern
________________________
-----Original Message-----
From: Vlad Grigorescu [mailto:vladg at illinois.edu]
Sent: Tuesday, February 14, 2017 10:05 AM
To: Andrew Dellana; bro at bro.org
Subject: Re: [Bro] Connection summary <???> values
<???> simply means that DNS resolution failed.
Andrew Dellana <andrew.dellana at bayer.com> writes:
> Hello,
>
> For the connection summary is there a way to reformat the way the notification looks - Like put each of these on their own line? Also is there way to make the <???> value show its domain name? The <???> value shows up in both the incoming, outgoing and total sections.
>
>
>
> #1=<???> #2=(redacted) #3=<???>
>
> #4= (redacted) #5= (redacted) #6= (redacted)
>
> #7= (redacted) #8=<???> #9=<???>
>
> #10= (redacted) #11=<???> #12= (redacted)
>
> #13=<???> #14= (redacted) #15=<???>
>
> #16= (redacted) #17=<???> #18=<???>
>
> #19=<???> #20= (redacted)
>
>
>
>
> Thanks,
>
> Andrew Dellana
> Intern
> ________________________
>
> _______________________________________________
> Bro mailing list
> bro at bro-ids.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro
More information about the Bro
mailing list