[Bro] User Agent parser in bro
Seth Hall
seth at corelight.com
Mon Jan 29 08:11:48 PST 2018
Hi Vitaly!
I've been wanting to port one of these type of things to Bro for a long
time. That would be a great contribution if you wanted to take that on.
I'm sure that a number of people would find it valuable. I don't know
of anyone in the community that has already done it.
.Seth
On 22 Jan 2018, at 1:50, Vitaly Repin wrote:
> Hello,
>
> I am looking for a way to parse the User Agent string in bro.
>
> Is anybody aware of any bro scripts which are similar in functionality
> to
> something like ua-parser-js (
> https://github.com/faisalman/ua-parser-js )
> or ES user-agent ingest plugin (
> https://www.elastic.co/guide/en/elasticsearch/plugins/master/ingest-user-agent.html
> )?
>
> Thanks in advance!
> --
> WBR & WBW, Vitaly
> _______________________________________________
> Bro mailing list
> bro at bro-ids.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro
--
Seth Hall * Corelight, Inc * www.corelight.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20180129/06323698/attachment.html
More information about the Bro
mailing list