[Bro] bro 2.5 . How to get meta fields on intel.log
Seth Hall
seth at icir.org
Thu Feb 23 06:40:52 PST 2017
> On Feb 23, 2017, at 7:18 AM, Giedrius Ramas <giedrius.ramas at gmail.com> wrote:
>
> And we need to have these meta's: meta.desc, meta.cif_confidence, meta.source on bro.intel log as previously had with bro extensions for Bro 2.4 found on https://github.com/sethhall/intel-ext.
Sorry about the confusion. I'll put a note on that repository that the feature is now built into Bro and point to Jan's blog post.
.Seth
--
Seth Hall
International Computer Science Institute
(Bro) because everyone has a network
http://www.bro.org/
More information about the Bro
mailing list