Log Siphon Decoding Bro IDS Events.

Ron_Jenkins · February 28, 2013, 4:11pm

Good morning

Building into next release of Log Siphon the ability to display the decoded and raw event data.

The below link is a screenshot of a Bro connection log event.

If you have any suggestions or input on this new feature, I would be interested in hearing about it.

Thanks!

Ron Jenkins (SnortCP, VCP (3/4), MCNE, CNE6, MCP,CCNA)

RMJ Consulting, LLC. “Bringing Companies and Solutions Together”

Makers of Active Response System(ARS) & Log Siphon

Owner / Senior Architect

Physical Address

11715 Bricksome Ave STE B-7

Baton Rouge, LA 70816

Mail Address

7575 Jefferson Hwy #103

Baton Rouge, LA 70806

Toll: 855-448-5214

Direct. 225-448-5214

Fax. 225-448-5324

Cell. 225-931-1632

Email. rjenkins@rmjconsulting.net

Web. http://www.rmjconsulting.net

ARS. http://www.rmjars.com

Linkedin. http://www.linkedin.com/profile/view?id=28564151&trk=tab_pro

Topic		Replies	Views
Log Siphon with Bro IDS data imported. Zeek	1	65	May 6, 2022
Bro IDS logging via Syslog Zeek	3	80	May 6, 2022
connection states Zeek	11	286	May 6, 2022
BRO IDS Zeek	6	136	May 6, 2022
Bro Exchange Videos Zeek	2	54	May 6, 2022