[Bro] feeding bro cluster with parameters without restarting it
william de ping
bill.de.ping at gmail.com
Thu Mar 2 02:45:20 PST 2017
I am also now reading about PYBROKER.
Can anyone provide me with an example of how can I use PYBROKER and a
python script to update a table inside a running bro cluster (bro workers
to be exact) ?
Thanks
B
On Thu, Mar 2, 2017 at 11:33 AM, william de ping <bill.de.ping at gmail.com>
wrote:
> Hello all,
>
> I know that I can update bro parameters using the INPUT framework (reading
> input files and updating a table for instance).
>
> The thing is that the INPUT framework (STREAM) and generally reading from
> files is relatively slow.
>
> Can I add elements to a table inside bro from lets say a syslog message or
> any other faster method ?
>
> thanks
> B
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20170302/db34eb89/attachment.html
More information about the Bro
mailing list