mirror of https://github.com/vimagick/dockerfiles.git synced 2024-11-24 08:52:31 +02:00
dockerfiles/bro

Bro is a powerful system that, on top of the functionality it provides out of the box, also offers the flexibility to customize analysis pretty much arbitrarily. We provide documentation ranging from introductory material to get you started to full references of Bro’s various frameworks.

docker-compose.yml

bro:
  image: vimagick/bro
  volumes:
    - ./logs:/opt/bro/logs
  environment:
    - DEVICE=eth0
  net: host

up and running

$ cd ~/fig/bro/

$ docker-compose up -d

$ docker exec -it bro_bro_1 bash
>>> tail -n +1 -f http.log | bro-cut -d ts user_agent
>>> exit
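
The `bro-cut -d ts user_agent` step above selects two columns from `http.log` and makes the timestamp readable. The following Python sketch is an added example, not part of this repository or of Bro: it does the same column selection by reading the `#fields` and `#types` header lines of Bro's ASCII log format. The sample log, the function name `cut` and the UTC timestamp layout are assumptions made for illustration.

```python
from datetime import datetime, timezone

# Constructed sample in Bro's tab-separated ASCII log layout (not real traffic).
SAMPLE_HTTP_LOG = "\n".join([
    "#separator \\x09",
    "#set_separator\t,",
    "#empty_field\t(empty)",
    "#unset_field\t-",
    "#path\thttp",
    "#fields\tts\tuid\tid.orig_h\thost\tuser_agent",
    "#types\ttime\tstring\taddr\tstring\tstring",
    "1434958521.000000\tCexample1\t192.0.2.10\texample.com\tMozilla/5.0",
    "1434958522.500000\tCexample2\t192.0.2.11\texample.org\tcurl/7.43.0",
    "1434958523.000000\tCexample3\t192.0.2.10\texample.com\t-",
    "#close\t2015-06-22-07-35-24",
])

def cut(lines, wanted, readable_time=True):
    """Return the requested columns of a Bro ASCII log as a list of tuples.

    The #separator header carries the delimiter as an escape such as \\x09;
    #fields and #types name and type each column of the records that follow.
    """
    sep, unset, fields, types = "\t", "-", [], []
    rows = []
    for line in lines:
        line = line.rstrip("\r\n")
        if line.startswith("#separator"):
            sep = line.split(" ", 1)[1].encode().decode("unicode_escape")
        elif line.startswith("#"):
            key, *vals = line[1:].split(sep)
            if key == "fields":
                fields = vals
            elif key == "types":
                types = vals
            elif key == "unset_field" and vals:
                unset = vals[0]
        elif line:
            rec = dict(zip(fields, line.split(sep)))
            type_of = dict(zip(fields, types))
            row = []
            for name in wanted:
                val = rec.get(name, unset)  # columns not in the log read as unset
                if readable_time and type_of.get(name) == "time" and val != unset:
                    stamp = datetime.fromtimestamp(float(val), timezone.utc)
                    val = stamp.strftime("%Y-%m-%dT%H:%M:%SZ")
                row.append(val)
            rows.append(tuple(row))
    return rows

if __name__ == "__main__":
    for ts, ua in cut(SAMPLE_HTTP_LOG.splitlines(), ["ts", "user_agent"]):
        print(ts, ua, sep="\t")
```

Run against the `./logs` directory mounted in the compose file, this works from the host without entering the container; the third sample row shows how a request with no User-Agent header appears as the unset marker `-`.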