Brownian Demo Site

Hi Everyone,

As some of you may know, I've been working on a web interface for quickly querying your Bro logs called Brownian. For those of you that I got to meet at the Bro Exchange, I just wanted to quickly follow up and mention that the demo site is now up at:

http://brownian.bro-ids.org/?time=all

If you weren't able to make it out to the Exchange, the video of my (and everyone else's) presentations will be made available soon.

In either case, if anyone would like to know more, has questions, or feature requests, please feel free to contact me. To find out more about the project itself, please see the GitHub page at: <https://github.com/grigorescu/Brownian>.

Thanks,

  --Vlad

I do want to point out some small things about that demo site. It's hosted on a virtual machine and it seems to be running slower than I would expect. My experience in other cases with many, many more logs has shown much better performance than that, and I still can't explain the slowness except that rendering the logs is taking too long. There may also be other users hitting the site at the same time as you, which could result in even further slowdowns.

My recommendation if you are interested in seeing how it really performs would be to try it locally with Vlad's installation instructions:
  https://github.com/grigorescu/Brownian/blob/master/README.md

There are instructions for using the elasticsearch plugin in our beta and git repository master branch here:
  http://git.bro-ids.org/bro.git/blob/HEAD:/doc/logging-elasticsearch.rst
  
In particular, pay attention to the section that talks about this script (for automatically logging to text logs and Elasticsearch at the same time):
  tuning/logs-to-elasticsearch.bro

Have fun and remember that we are declaring the Elasticsearch plugin as "in testing" for the 2.1 release. Thanks for Brownian, Vlad!

  .Seth
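For readers who want to see what "logging to text logs and Elasticsearch at the same time" looks like in a Bro script, here is an added example. It is not code from this thread, from Brownian, or from the Bro repository's tuning/logs-to-elasticsearch.bro; it is a minimal hand-written script for the Bro 2.1-era logging framework. It assumes the Elasticsearch log writer is compiled in and exposed as Log::WRITER_ELASTICSEARCH, and that the writer's connection options are named LogElasticSearch::server_host and LogElasticSearch::server_port; check the linked logging-elasticsearch.rst for the option names in your build.

```bro
# Added example (not from the thread or the Bro project).
# Keeps the default ASCII text log for the connection stream and attaches
# a second filter to the same stream so each record is also sent to
# Elasticsearch. Adding a filter never removes the default one, which is
# what gives "text logs and Elasticsearch at the same time".

@load base/protocols/conn

# Assumed option names for the Elasticsearch writer's target.
redef LogElasticSearch::server_host = "127.0.0.1";
redef LogElasticSearch::server_port = 9200;

event bro_init()
	{
	# The default filter on Conn::LOG (ASCII writer, conn.log) stays in
	# place. This adds an additional output for the same stream using
	# the (assumed) Elasticsearch writer.
	local es_filter: Log::Filter = [$name = "es-conn",
	                                $writer = Log::WRITER_ELASTICSEARCH];
	Log::add_filter(Conn::LOG, es_filter);
	}
```

To extend this to every active stream rather than just Conn::LOG, loop over Log::active_streams in bro_init and add the same filter to each stream ID, which is the approach the tuning script referenced above takes.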