[Bro] using YARA signatures within Bro

Ambros Novak ambros.novak.89 at gmail.com
Mon Feb 5 14:03:42 PST 2018


Hello,

I'm currently using YARA rules (yararules.yar) to inspect files from bro
(extract-all-files.bro).

Besides using bro to inspect files with YARA, how can I get bro to use YARA
rules to inspect traffic and also certificates?

Thank you for your help. I'm still learning bro and YARA.

-Am