Reverse Lookups?

Josh_Guild · November 30, 2015, 2:27am

Hi all,

Does anyone know if Bro signatures support reverse lookups? I attempted one but it failed to compile. Just wanted to check before I pull my hair out messing with the syntax

Thanks!

Josh

anthony_kasza1 · November 30, 2015, 3:07am

See here:
https://www.bro.org/sphinx-git/frameworks/signatures.html
And here:
http://flex.sourceforge.net/manual/Patterns.html

-AK

Josh_Guild · November 30, 2015, 3:14am

Cool, thanks for the reference. I’ll poke at this tomorrow and see what I come up with.

Topic		Replies	Views
BRO SIGNATURE Zeek	1	114	May 6, 2022
signature match Zeek	2	114	May 6, 2022
To convert l7-filter signatures to Bro signatures Zeek	2	84	May 6, 2022
BRO signature Zeek	2	151	May 6, 2022
regex Zeek	1	110	May 6, 2022

Reverse Lookups?

Related topics