[Bro] - see all triggered events on a given pcap file
Keith Lehigh
klehigh at iu.edu
Sun May 28 08:06:35 PDT 2017
policy/misc/dump-events.bro does exactly what you want.
- Keith
> On May 28, 2017, at 10:36, william de ping <bill.de.ping at gmail.com> wrote:
>
> Hi all,
>
> Does anyone know a way to get a list of all triggered events given a pcap file ?
>
> Currently what I do is just print some indicative message for each suspected relevant events (quit tedious task)
>
> Thanks
> B
> _______________________________________________
> Bro mailing list
> bro at bro-ids.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3569 bytes
Desc: not available
Url : http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20170528/c59d71f5/attachment.bin
More information about the Bro
mailing list