main.bro¶

Barnyard2¶

This script lets Barnyard2 integrate with Bro. It receives alerts from Barnyard2 and logs them. In the future it will do more correlation and derive new notices from the alerts.

Namespace:	Barnyard2
Imports:	policy/integration/barnyard2/types.bro
Source File:	`/scripts/policy/integration/barnyard2/main.bro`

Summary¶

Types¶

Barnyard2::Info: record

Redefinitions¶

Log::ID: enum

Functions¶

Barnyard2::pid2cid: function This can convert a Barnyard Barnyard2::PacketID value to a conn_id value in the case that you might need to index into an existing data structure elsewhere within Bro.

Detailed Interface¶

Types¶

Barnyard2::Info¶

Type:

Type:	`record` ts: `time` `&log` Timestamp of the alert. pid: `Barnyard2::PacketID` `&log` Associated packet ID. alert: `Barnyard2::AlertData` `&log` Associated alert data.

record

ts: time &log: Timestamp of the alert.
pid: Barnyard2::PacketID &log: Associated packet ID.
alert: Barnyard2::AlertData &log: Associated alert data.

Functions¶

Barnyard2::pid2cid¶

Type:	`function` (p: `Barnyard2::PacketID`) : `conn_id`

This can convert a Barnyard Barnyard2::PacketID value to a conn_id value in the case that you might need to index into an existing data structure elsewhere within Bro.

policy/integration/barnyard2/main.bro¶

Summary¶

Types¶

Redefinitions¶

Functions¶

Detailed Interface¶

Types¶

Functions¶

Table of Contents

Next Page

Previous Page

policy/integration/barnyard2/main.bro¶

Summary¶

Types¶

Redefinitions¶

Functions¶

Detailed Interface¶

Types¶

Functions¶

Table of Contents

Next Page

Previous Page

Search