[Bro] Syntax and Semantics message Broccoli
Johanna Amann
johanna at icir.org
Tue Jan 3 02:35:19 PST 2017
Hi Alberto,
the messages that are exchanged are basically Bro events. So you can
send/receive any kind of data that you can usually send/receive in Bro
events (with a small number of exceptions that you will probably not care
about - I don't think that broccoli supports opaques, e.g.).
The best way get started at this is probably to look at the test folder in
broccoli, which has a few C programs and Bro scripts that exchange data.
Note that there also is a newer communication library (named Broker) that
can be used to do basically the same job - the API is not quite finished
yet though, but at some point of time you might have to port things over
to it.
Johanna
On Tue, Dec 13, 2016 at 11:50:10PM +0100, Alberto Ciolini wrote:
> I have to develop a program, using Broccoli, that communicates with Bro
> which installed on raspberry pi. My question is if there is a standard for
> syntax and semantics for message that Broccoli and Bro send each other.
> How messages are sent from broccoli to bro?
> _______________________________________________
> Bro mailing list
> bro at bro-ids.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro
More information about the Bro
mailing list