[Bro] Arp script : Bro doesn't log all traffic
Nicolas KRASINSKI
krasinski at cines.fr
Thu Feb 22 07:30:09 PST 2018
Great! Thank you very much, it works.
Nicolas.
De: "Azoff, Justin S" <jazoff at illinois.edu>
À: "krasinski" <krasinski at cines.fr>
Cc: bro at bro.org
Envoyé: Jeudi 22 Février 2018 14:44:21
Objet: Re: [Bro] Arp script : Bro doesn't log all traffic
> On Feb 22, 2018, at 4:30 AM, Nicolas KRASINSKI <krasinski at cines.fr> wrote:
>
> Hello,
>
> When I load arp_main script (https://gist.github.com/grigorescu/a28b814a8fb626e2a7b4715d278198aa) in local.bro, Bro log only arp traffic and not more.
> I just have this logs :
> stdout
> stderr
> stats
> notice
> arp
>
> When I don't load this arp script, bro log normaly all traffic...
> Do you know why ?
Removing this line should fix things:
redef capture_filters += { ["arp"] = "arp" };
—
Justin Azoff
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20180222/de451a07/attachment.html
More information about the Bro
mailing list