Does anyone know if there is a Bro plugin for CoAP traffic detection and identification? We have the MQTT plugin for IoT bits, but we would like to support CoAP as well. Thanks!
Just to chime in - I have not heard of anyone creating a CoAP analyzer for
Seth (may) be looking at making the analyzer. You can find a packet generator here: https://github.com/mcollina/coap-packet. With the increase in number of IoT things on the network, or things acting like IoT devices (phones,
soap dispensers, Fatema has examples on her network), having visibility into this is pretty important.
I’d put extra emphasis on the may. I haven’t had time to dig into it yet, but thanks for the pointers to the packet generator and the protocol on the whole.