On Wed, Oct 10, 2007 at 15:40 -0400, Danny Nechay wrote:
I have a trace file (from using TCPdump) and I would
like to know how to get
the flow statistics of this file using BRO (i.e. what would be the command
"bro -r trace tcp" should do it if you're only concerned about TCP.
For UDP and ICMP add "udp" and "icmp" to the command line,
Robin Sommer * Phone +1 (510) 931-5555 * robin(a)icir.org
ICSI/LBNL * Fax +1 (510) 666-2956 * www.icir.org