Created
May 9, 2015 20:36
-
-
Save dcode/c5e748b0c60ba539a1c8 to your computer and use it in GitHub Desktop.
Some command line network hunting
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Notice tail | |
| stdbuf -o0 tail -n+1 -F notice.log \ | |
| | stdbuf -o0 bro-cut -d ts note msg \ | |
| | awk -F'\t' '{ print "================\n" $1, $2"\n", $3 }' | |
| # HTTP Tail | |
| stdbuf -o0 tail -n+1 -F http.log \ | |
| | stdbuf -o0 bro-cut id.orig_h uri user_agent \ | |
| | awk -F'\t' '{ print "=================\n" $1, $2"\n", $3 }' | |
| # Ensure you set your local networks in /opt/bro/etc/networks.cfg |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment