Integrating AMQP in BRO via BINPAC

Aniket_Savanand · April 4, 2016, 10:15pm

Hi all

I am trying to integrate AMQP protocol in BRO.
I have followed all steps from these videos on YouTube.
https://youtu.be/eZAgqSFd9-c

I am getting conn.log generated in usr/local/bro/logs/current when I run AMQP traffic via SwiftMQ server and client with messages.

I can see 5672 port(AMQP dedicated port) connections on localhost in conn.log file.

What else need to do to make sure that AMQP is correctly integrated into BRO.?

I am not able to see actual AMQP messages in any of the log file though.

Thanks
Aniket

Topic		Replies	Views
Requesting some pointers- Adding a new protocol to BRO- Facing problems Zeek	3	73	May 6, 2022
help required in logs with bro Zeek	6	73	May 6, 2022
packet post-processor plugin Zeek	9	111	May 6, 2022
On Bro's configuration file Zeek	1	146	May 6, 2022
Bro with 802.1Q vlans? Zeek	4	80	May 6, 2022