[Bro] Reading pcap files from Python wrapper?
Mike Dopheide
dopheide at gmail.com
Mon Feb 12 08:37:05 PST 2018
I'm not a core developer, but I can pretty much guarantee the API doesn't
support that. Reading pcaps is generally regarded as a testing mechanism,
not part of a production architecture. For those folks where reading pcaps
is a hard requirement, they usually end up building something around
tcpreplay.
-Dop
On Mon, Feb 12, 2018 at 7:58 AM, Rares Aioanei <schaiba at gmail.com> wrote:
> Hello,
>
> I know that I can easily run bro from the CLI with a .pcap file and
> then analyze the logs it generates. However, what I need is to use the
> Bro API (preferrably Python) to _open_ the pcap file and generate the
> logs. Is this possible?
>
> Thanks a lot in advance.
>
> --
> Rares Aioanei
> _______________________________________________
> Bro mailing list
> bro at bro-ids.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20180212/2768d592/attachment.html
More information about the Bro
mailing list