[Bro] bro 2.5 . How to get meta fields on intel.log

Seth Hall seth at icir.org
Thu Feb 23 06:40:52 PST 2017


> On Feb 23, 2017, at 7:18 AM, Giedrius Ramas <giedrius.ramas at gmail.com> wrote:
> 
> And we need to have these meta's: meta.desc, meta.cif_confidence, meta.source on bro.intel log as previously had with bro extensions for Bro 2.4 found on https://github.com/sethhall/intel-ext.

Sorry about the confusion.  I'll put a note on that repository that the feature is now built into Bro and point to Jan's blog post.

  .Seth


--
Seth Hall
International Computer Science Institute
(Bro) because everyone has a network
http://www.bro.org/




More information about the Bro mailing list