[Bro] feeding bro cluster with parameters without restarting it
william de ping
bill.de.ping at gmail.com
Thu Mar 2 01:33:46 PST 2017
Hello all,
I know that I can update bro parameters using the INPUT framework (reading
input files and updating a table for instance).
The thing is that the INPUT framework (STREAM) and generally reading from
files is relatively slow.
Can I add elements to a table inside bro from lets say a syslog message or
any other faster method ?
thanks
B
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20170302/1da1815f/attachment.html
More information about the Bro
mailing list