[Bro-Dev] [JIRA] (BIT-1478) BPF Filter for local.bro per activated log file

Lu Goon (JIRA) Mon, 14 Sep 2015 04:04:51 -0700

Lu Goon created BIT-1478:
----------------------------

             Summary: BPF Filter for local.bro per activated log file
                 Key: BIT-1478
                 URL: https://bro-tracker.atlassian.net/browse/BIT-1478
             Project: Bro Issue Tracker
          Issue Type: Problem
          Components: Bro
    Affects Versions: 2.3, 2.4
         Environment: linux, mac osx, 
            Reporter: Lu Goon



when activating the x509.log or bro script in local.bro, can I configure a BPF 
filter to only affect x509? For example I only want to have events that the 
dust_host is our DMZ subnet. Can I configure that in the x509.bro file or some 
other bro configuration file?



--
This message was sent by Atlassian JIRA
(v7.0.0-OD-05-005#70102)
_______________________________________________
bro-dev mailing list
bro-dev@bro.org
http://mailman.icsi.berkeley.edu/mailman/listinfo/bro-dev

[Bro-Dev] [JIRA] (BIT-1478) BPF Filter for local.bro per activated log file

Reply via email to