capture all events at one point

bchen · October 20, 2005, 3:54pm

Hi all,
I am wondering whether I can capture all events at one point. I want to log
the sequence of all events happened between two hosts and look for interesting
patterns. thanks.

Bing

robin · October 20, 2005, 6:16pm

If you run Bro with the capture-events.bro script, it will record
all events into a file events.bst. You can then use "bro -x
events.bst" to get a readable ASCII version of that file.

Is this what you're looking for?

Robin

Topic		Replies	Views
Capturing events Zeek	6	145	May 6, 2022
How to control when bro logs events Zeek	1	91	May 6, 2022
Bro questions from a rookie Zeek	2	86	May 6, 2022
capture all events at one point Zeek	1	115	May 6, 2022
Does Bro generate only one event for one network connection? Zeek	2	78	May 6, 2022

capture all events at one point

Related topics