I’ve created an event handler with the sole content being the following split_string_all command straight from https://www.bro.org/sphinx/scripts/base/bif/strings.bif.bro.html#id-split_string:
{
local service_id = split_string_all(“a-b–cd”, /(-)+/);
}
For some reason, I’m getting the error “unknown identifier split_string_all, at or near “split_string_all””.
The variable definition format (local var_name = var_content) is directly from line 47 of the example in https://www.bro.org/sphinx/scripting/index.html.
Please advise!
Best Regards,
Earl Eiland,
Sr. Cyber Security Engineer,
Emerging Technologies, root9B,
San Antonio, Texas