[Bro] BinPAC and custom types
Seth Hall
seth at corelight.com
Wed Apr 25 11:51:16 PDT 2018
On 25 Apr 2018, at 11:44, Stuart H wrote:
> I’m making some good progress writing an analyser with BinPAC, only
> small issue is that I can’t find a way to get custom Bro script
> types to be parsed on initiation of Bro. I’ve tried adding a
> types.bif file and defining the type there but can only seem to do a
> simple definition such as:
> type <module>::<custom type>: record;
You need to define the name and that it's a record in the types.bif file
and then create a Bro script with the full type definition that is auto
loaded when your plugin is loaded. I think that if you used the script
that autogenerates a structure for you, you should have a file named
scripts/types.bro that is exactly for this purpose.
.Seth
--
Seth Hall * Corelight, Inc * www.corelight.com
More information about the Bro
mailing list