[Bro] Calling external scripts on extracted files
Vikram Basu
vikrambasu059 at gmail.com
Wed Oct 4 05:54:59 PDT 2017
Hi,
I am using the bro file-extraction script from the bro-pkg manager and want
to run a python script as soon as the file is completely extracted.
Currently I am calling the script using the Bro Exec::run command after
modifying the script but often times the script is running before the file
has finished extracted and is failing as a result.
How can I make it so that Bro calls the script after file has already been
extracted?
I thought maybe using file_state_remove would help but even in that case I
am getting
/Input::READER_RAW: Child process exited with non-zero return code 127
which I am assuming means the script was run before the file as truly
extracted?
Any advice would be much appreciated.
Regards
Vikram
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20171004/2ab4636c/attachment.html
More information about the Bro
mailing list