#bro
Here are 72 public repositories matching this topic...
p-l- commented Feb 13, 2019
Currently, at least the values from XML tags tcpsequence and ipidsequence are not kept. The schema should be updated to store them.
See also #636.
Zeek Analysis Tools (ZAT): Processing and analysis of Zeek network data with Pandas, scikit-learn, and Spark
Updated May 14, 2020 - Jupyter Notebook
An All-In-One home intrusion detection system (IDS) solution for the Raspberry PI.
raspberry-pi, iot, monitor, raspberrypi, bro, suricata, intrusion-detection, raspbian, securityonion, internetofthings
Updated Jun 30, 2018 - Python
Bro IDS Dockerfile
Updated Sep 14, 2019 - Zeek
The default package source of the Zeek Package Manager
Updated Aug 5, 2020
Extract files from network traffic with Zeek.
Updated Mar 17, 2020 - Zeek
Flow-Indexer indexes flows found in chunked log files from bro, nfdump, syslog, or pcap files
Updated Jul 22, 2020 - Go
A package manager for Zeek
Updated Aug 10, 2020 - Python
brostash: Linux distribution based on Debian and focusing on network security events collection
Updated Sep 29, 2019 - Shell
An extremely crude, lightweight Web Frontend for Suricata/Bro to be used with BriarIDS
Updated Jun 15, 2018 - PHP
Useful resources for Zeek (https://zeek.org/) (Bro (http://bro.org/))
Updated Apr 17, 2020
Zeek (formerly Bro) Network Security Monitor package for pfSense router/firewall
javascript, bash, ssh, php, xml, firewall, ajax, bro, browse, pfsense, xml-rpc, zeek, pfsense-pkg-zeek, pfsense-pkg-bro, pfsense-router
Updated Jul 21, 2020 - PHP
Flexible framework that allows automation to process cyber threat information and update endpoint defense tools.
Updated Oct 24, 2018 - Python
BRO/Zeek IDS content pack contains pipeline rules, a stream, a dashboard displaying interesting activity, and a syslog tcp input to capture and index BRO/Zeek logs coming from a remote sensor.
Updated Apr 12, 2020
A saltstack formula to install BRO network security monitor on RHEL or Debian based systems
Updated Aug 18, 2019 - SaltStack
A Zeek Network Security Monitor Tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the necessary hardware and setup and finally provide some examples of how you can use the power of Zeek to have absolute control over your network.
pcap, bro, cybersecurity, cyber, cyber-security, network-security, zeek, cyber-threat-intelligence, cyber-security-team
Updated Feb 27, 2020
Go implementation of the Community ID flow hashing standard
go, golang, bro, suricata, network-monitoring, network-security-monitoring, network-security, zeek, flow-hashing, community-id
Updated Aug 29, 2019 - Go
zeek-cut currently has the ability to output "header blocks" in prefix to records. It would be helpful if there was an option that output a simple header row that contained only the corresponding field names, the target format supporting essentially CSV ready output.
Convoluted example of how we're achieving/using today with (for example) the Miller tool to postprocess: