Hi all,
Does anyone know a way to get a list of all triggered events given a pcap file?
Currently what I do is just print some indicative message for each suspected relevant event (quite a tedious task).
Thanks
B
policy/misc/dump-events.bro does exactly what you want.
- Keith
Thank you very much!
It works great.
Note that this only will work for events that are already used in other
scripts. If an event is not used at all, it will not show up in the output
of dump-events.
Johanna