Hi all,
Is there a way to detect certain md5 file hashes and send them to a specific file.
Thanks
Monah
You can load the MD5 hashes into the intelligence framework. Intelligence Framework — Book of Zeek (v4.2.0)
If you enable file-hashing (which is enabled by default in a cluster installation) and load your MD5 sums as Intel::FILE_HASH indicators, hits will be written into intel.log.
Johanna