[Bro] Getting flow stats from Bro

Vlad Grigorescu vladg at illinois.edu
Thu Feb 16 08:15:35 PST 2017


No set of scripts for this that I'm aware of. The closest thing I'm
aware of is this script for computing PCR, which might be a good
jumping-off point at least:

https://github.com/reservoirlabs/bro-producer-consumer-ratio

  --Vlad

Jim Simpson <jim.simpson.work at gmail.com> writes:

> Is there an existing set of scripts for Bro to get flow stats?
>
> I'm looking for counts, avg, and std dev on small packets, large packets,
> nonempty packets, interarrival times, etc, similar to what YAF gives with
> the `--flow-stats` option. I'm also interested in the Shannon entropy of
> the payload, similar to what YAF gives with the `--entropy` option.
> https://tools.netsa.cert.org/yaf/yaf.html
>
> - Jim