using intel framework for scripts

John_Babio1 · November 21, 2013, 2:22pm

How does one leverage this framework to write scripts?

Liam_Randall2 · November 21, 2013, 2:29pm

Hey John,

Start with the video:
Video

Then review these exercises:
http://bro.org/bro-exchange-2013/exercises/intel.html

These are both from the Bro Exchange 2013.

Thanks,

Liam Randall

Seth_Hall3 · November 21, 2013, 2:30pm

It depends on what you want to do. The docs we have for it show you how to use it (to get an intel.log file). Is that all you're interested in? Loading data and finding things that hit?

http://www.bro.org/sphinx/frameworks/intel.html

.Seth

John_Babio1 · November 21, 2013, 2:48pm

Thank you!

Matt_Stucky · November 21, 2013, 4:17pm

Does the framework take care of updating the system on the fly if the input files change, or is a restart needed?

-matt

Seth_Hall3 · November 21, 2013, 5:02pm

It updates on the fly. If you are running a cluster you only need to update the data on the manager too. It will auto distribute.

.Seth

Topic		Replies	Views
Intel Framework, Notices, and sending out emails Zeek	3	59	May 6, 2022
Intel Framework Not Generating Intel Log Zeek	4	133	May 6, 2022
Help with intel framework Zeek	8	79	May 6, 2022
CIF and Bro Integration Zeek	12	78	May 6, 2022
Help with intel framework Zeek	3	75	May 6, 2022

using intel framework for scripts

Related Topics