[Zeek] capture filters.
Dk Jack
dnj0496 at gmail.com
Wed Jul 17 17:07:32 PDT 2019
Hi,
I am trying to test capture filters and I am having a hard time to get them
to work. Here's my configuration:
redef capture_filters += {
["host"] = "host 10.16.138.55",
["port"] = "port 443"
};
redef restrict_filters += {
};
Here's the broctl print command output:
root at ip-10-50-30-33:/opt/bro/logs/current# /opt/bro/bin/broctl print
capture_filters
bro capture_filters = {
[host] = host 10.16.138.55,
[port] = port 443
}
root at ip-10-50-30-33:/opt/bro/logs/current#
Is there some other option I need to enable to get this to work? Thanks for
the help...
Dk.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/zeek/attachments/20190717/8619b1b0/attachment.html
More information about the Zeek
mailing list