[Bro] Fwd: Other log files besides conn.log
Therenca Mureithi
therencamureithi at gmail.com
Tue Oct 17 07:34:12 PDT 2017
---------- Forwarded message ----------
From: Therenca Mureithi <therencamureithi at gmail.com>
Date: Tue, Oct 17, 2017 at 5:30 PM
Subject: Other log files besides conn.log
To: bro at bro.org
Is there a way to add mac address to log files like http.log, ssl.log,
ssh.log, especially when the ip addresses are dynamic. I have been able to
add mac address to the conn.log file following bro related threads. I am
not skilled at bro scripting but i would very much like to have this
functionality. Why? Due to the fact that i want to track down users of the
network and at one point their ip addresses do change, however rarely do
mac address change unless ofcourse you have spoofed it. Kindly reply.
Anyone.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20171017/e9ceca46/attachment-0001.html
More information about the Bro
mailing list