I have some C code that analyses data (inc. URLs, domains) that I want to invoke from Bro to extract additional data from network data. I envisage this data being an extra column in the resultant Bro log files.
I’m fairly sure I can do this with awk retrospectively, but wanted to ask the list whether it was possible using some of the IPC commands in the language. Reading the specifications for these functions, there appears to be no way to invoke the commands and receive non-trivial output.
The commands I’m looking at are:
system, system_env - returns the return code from the command (limited to being an integer) - I thought about returning the result into an environment variable, but that would require the invoked command to be recompiled
piped_exec - only returns true/false on success/failure
Has anybody else done anything similar?
Are there any ways to load modules or call C functions (or functions in scripting languages) from the Bro language?
Thanks in advance