Bro and Yara together

Hi all,
the git code below can be used to integrate Bro with Yara:
https://github.com/hempnall/broyara

I've tried to use it without any result. Should I download the files
in the same bro directory and then change the CMake files as
described?
Thanks

I’m not sure this is going to be a great solution for many people. You are pulling the entire file into system memory and then having Yara analyze it once the file is completed. I’ve worked with Yara before and even added a streaming API (which hasn’t been accepted back into Yara proper yet).

I guess I’m just trying to get across that I’d be a little concerned about running this on a real network. :)

.Seth