Created
December 6, 2012 19:59
-
-
Save justindthomas/4227811 to your computer and use it in GitHub Desktop.
Bro Events
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --script.py | |
| #!/usr/bin/env python | |
| import sys | |
| import broccoli | |
| @broccoli.event(broccoli.record) | |
| def connection_established(connection): | |
| print "conn", connection.conn_id | |
| def bro_event_loop(bc): | |
| try: | |
| while True: | |
| ret = bc.processInput() | |
| except: | |
| print "error" | |
| bc = broccoli.Connection("x.x.x.x:47760") | |
| bro_event_loop(bc) | |
| sys.exit(0) | |
| --communication.log | |
| 1354823665.907826 bro parent - - - info [#10052/x.x.x.x:53201] phase: handshake | |
| 1354823666.105633 bro parent - - - info [#10052/x.x.x.x:53201] registered for event connection_established | |
| 1354823666.166018 bro parent - - - info [#10052/x.x.x.x:53201] peer does not support 64bit PIDs; using compatibility mode | |
| 1354823666.166018 bro parent - - - info [#10052/x.x.x.x:53201] peer is a Broccoli | |
| 1354823666.166018 bro parent - - - info [#10052/x.x.x.x:53201] phase: running | |
| 1354823673.553387 bro child - - - info selects=37900000 canwrites=0 timeouts=378981 | |
| --conn.log | |
| 1354823762.251514 zg6MwJkhDAi x.x.x.x 56028 x.x.x.x 443 tcp ssl 9.916193 1365 1606 SF T 0 ShADdaFf 13 2049 9 2082 (empty) | |
| 1354823771.532838 fc4hcXfJkj6 x.x.x.x 58500 x.x.x.x 443 tcp ssl 0.766641 737 3744 RSTO T 0 ShADadfR 12 1357 11 4324 (empty) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment