Reverse Lookups?

Josh_Guild · November 30, 2015, 2:27am

Hi all,

Does anyone know if Bro signatures support reverse lookups? I attempted one but it failed to compile. Just wanted to check before I pull my hair out messing with the syntax

Thanks!

Josh

anthony_kasza1 · November 30, 2015, 3:07am

See here:
https://www.bro.org/sphinx-git/frameworks/signatures.html
And here:
http://flex.sourceforge.net/manual/Patterns.html

-AK

Josh_Guild · November 30, 2015, 3:14am

Cool, thanks for the reference. I’ll poke at this tomorrow and see what I come up with.

Topic		Replies	Views
RE : bro signature http-request double encoded cause FN ? Zeek	1	62	May 6, 2022
BRO SIGNATURE Zeek	1	83	May 6, 2022
回复: Bro Digest, Vol 30, Issue 7 Zeek	2	105	May 6, 2022
signatures: pros/cons, future plans for bro Zeek	2	66	May 6, 2022
Bro Signatures Zeek	4	77	May 6, 2022

Reverse Lookups?

Related Topics