When I try to do off-line analysis with the -r option, how can I use all Bro
I just found some examples of off-line analysis, but it seems that I can apply
only one rule at a time.
Could you let me know how all Bro rules can be applied to a specific tcp
# set up the Bro environment (sh or bash)
/usr/local/bro/bin/bro -r dumpfile backdoor.bro