Extensions for Bro's Intelligence Framework.
Bro Python Shell
Switch branches/tags
Clone or download
J-Gras Added further remote functionality.
The scripts (Python client and Bro server) for remote removal have been
turned into more general versions supporting query and insertion of
items.
Latest commit 9225aaa Sep 1, 2017
Permalink
Failed to load latest commit information.
scripts
testing
utils
LICENSE
README.md
bro-pkg.meta

README.md

Intel Extensions

This package provides extensions for Bro's intelligence framework. It implements the following functionalities:

  • Intelligence expiration on per item basis.
  • Remote deletion of intelligence items (requires broker).
  • Preservation of files associated with an intel hit.
  • Support for <IP>:<Port> indicators.

Note: Most of the scripts require Bro version 2.5.