Bro Workshop 2011
All workshop materials are available to download for offline use and are based on Bro version 2.0 beta. For exercises that involve Bro scripting, you may find the script reference and the Bro language cheat sheet helpful.
Tuesday, November 8
8:00am Breakfast & Registration
9:00am Broverview (Slides) (Video)
9:30am Exercise 1: Getting Started
10:15am Break
10:45am We have new scripts! (Video)
11:15am Exercise 2: Understanding and Examining Bro Logs (Slides) (Video) (Solutions)
12:15pm Lunch
1:00pm Exercise 3: Handling Notices (Video) (Solutions)
1:45pm Exercise 4: Bro Programming Primer (Video) (Solutions)
3:45pm Break
4:15pm Leveraging Bro for Incident Response (Martin Holste) (Abstract)
Wednesday, November 9
8:00am Breakfast
9:00am A Bro Script Case Study (Slides) (Video)
9:45am Exercise 5: Extending a Script’s Functionality (Solutions)
10:45am Break
11:00am Network Forensics with Bro (Slides) (Video)
12:00pm Lunch
1:00pm Exercise 6: Intelligence-Based Incident Response (Video) (Solutions)
2:00pm Bro @ LBL: Operational Insights (Aashish Sharma & Jim Mellander) (Abstract)
2:50pm Break
3:10pm Exercise 7: Advanced HTTP Traffic Analysis (Video1) (Video2) (Solutions)
4:10pm Analyzing and Visualizing Bro Logs with Splunk (Justin Azoff) (Abstract)
4:35pm Using Bro and TimeMachine for Incident Response (Justin Azoff) (Abstract)
Page Contents
Quick Links
- 13 February 2020: Ask the Zeeksperts - Aashish Sharma
- 18 February 2020 - Portland OR: Zeek Days Workshops
- 27 February 2020: Ask the Zeeksperts
- 7-9 October 2020 - Austin, Texas: ZeekWeek 2020
