Skip to content

packetpunter/blue-bro

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits
shortcuts
shortcuts
 
 
utility
utility
 
 
win-scripts
win-scripts
 
 
.gitattributes
.gitattributes
 
 
.gitignore
.gitignore
 
 
CHANGELOG
CHANGELOG
 
 
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
broctl.cfg
broctl.cfg
 
 

Repository files navigation

Intro

This container is built using my other docker base image, so it will have to be built into your docker image list before this image can run.

It is meant to be an on-the-fly analyzer for pcap files in the field using bro and some fancy shell scripts.

Basic Usage

As described in the run.sh script, this image assumes there will be a folder ~/Documents/pcaps that contains PCAPs for analysis. Additionally, if you want the bro logs outside of the container, there must be a folder at ~/code/docker/blue-bro/logs. These map to their respective folders in /app/code.

Utilities

This container runs in /app/code. There are utilities in /app/code/utils, like trace-summary. There is also the bins for scapy3k in there.

About

A bro node in docker

Topics

docker-container network-admin network-analysis packet-analyzer

Resources

Readme

License

Apache-2.0 license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages