[Bro] Adding dns entry to bro logs

Keith Midwinter kmidwinter at exoendo.com
Wed Jul 26 06:38:02 PDT 2017


Hi,
I am using Bro internally on a network that uses DHCP to assign IP addresses, so if I want to investigate something that happened yesterday, then doing an nslookup today won't tell me what host it was assigned to at the time the log was created. So is there a way to do an nslookup at the time of log creation and add it to the logs?

I did some googling and found a reference to extending the log format and running scripts but it wasn't enough for me to figure it out.
Thanks,
Keith