[Bro] Bro Digest, Vol 150, Issue 14

Sang Dange sudesh.barwe at gmail.com
Mon Oct 8 14:24:44 PDT 2018


Hello all,

Can anyone point me to any documentation on support of Industrial IOT
protocols by Bro?

Thanks,
Sang

On Mon, Oct 8, 2018 at 12:00 PM <bro-request at bro.org> wrote:

> Send Bro mailing list submissions to
>         bro at bro.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
>         http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro
> or, via email, send a message with subject or body 'help' to
>         bro-request at bro.org
>
> You can reach the person managing the list at
>         bro-owner at bro.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of Bro digest..."
>
>
> Today's Topics:
>
>    1. Monitor progress and ETA while running bro (Assaf)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Mon, 8 Oct 2018 18:15:10 +0300
> From: Assaf <assaf.morami at gmail.com>
> Subject: [Bro] Monitor progress and ETA while running bro
> To: "bro at bro.org List" <bro at bro.org>
> Message-ID:
>         <
> CADsFwicap2p7rV1+DAdRrHLL5hVwZOLzdDQkHcfzAvApp_7M6A at mail.gmail.com>
> Content-Type: text/plain; charset="utf-8"
>
> Hi, I just wanted to share how I monitor progress and ETA while running bro
> from a pcap file.
>
> If I have only one pcap I use pipe viewer (the pv command) like this:
>
> pv x.pcap | bro -r -
>
> If I have more than one pcap, e.g. from a big tcpdump run, I merge all of
> them on the fly using joincap ( https://github.com/assafmo/joincap ) like
> this:
>
> joincap *.pcap | pv -s $(du -bc *.pcap | awk '/total/{print $1}') | bro -r
> -
>
> This way pv print progress and ETA information while bro is running. :-)
>
> Shameless plug - I wrote joincap specifically for these kind of situations,
> because mergecap and tcpslice does not handle errors very well.
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL:
> http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20181008/b13ae9d7/attachment-0001.html
>
> ------------------------------
>
> _______________________________________________
> Bro mailing list
> Bro at bro.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro
>
>
> End of Bro Digest, Vol 150, Issue 14
> ************************************
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20181008/e305f0d6/attachment.html 


More information about the Bro mailing list