Querybuilder This program queries bro and elasticsearch for an external OU IP and returns the associated mac address. To use is simple:
querybuilder -[ES or BRO] [filepath_to_DIR_or_FILE]
The required filetype is an email made into a .txt. The program will differentiate between directories and files automatically.
- To configure stored ssh info.
- querybuilder -conf