capture filters.

Dk_Jack · July 18, 2019, 12:07am

Hi,
I am trying to test capture filters and I am having a hard time to get them to work. Here’s my configuration:

redef capture_filters += {
[“host”] = “host 10.16.138.55”,
[“port”] = “port 443”
};

redef restrict_filters += {
};

Here’s the broctl print command output:

root@ip-10-50-30-33:/opt/bro/logs/current# /opt/bro/bin/broctl print capture_filters
bro capture_filters = {
[host] = host 10.16.138.55,
[port] = port 443
}
root@ip-10-50-30-33:/opt/bro/logs/current#

Is there some other option I need to enable to get this to work? Thanks for the help…

Dk.

Topic		Replies	Views
restrict_filters not preventing logging of selected IP addresses Zeek	2	74	May 6, 2022
Bro restrict filters question Zeek	4	87	May 6, 2022
Adding options to bro managed by broctl Zeek	4	60	May 6, 2022
broctl print capture_filters failing Zeek	10	73	May 6, 2022
Bro 0.8 and vlans Zeek	1	51	May 6, 2022

capture filters.

Related Topics