THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
| View file | ||||
|---|---|---|---|---|
|
Bro is primarily used as a Deep Packet Inspection (DPI) metadata generator. Metron does not currently utilize the IDS alerts features of Bro. Metron integrates with Bro via a Bro Plug-in, and does not require recompiling of Bro code. The instructions for building and installing the Bro plug-in with Bro can be found here: https://github.com/apache/incubator-metron/blob/master/bro-plugin-kafka/README.md . The Bro plug-in formats Bro output messages into JSON and puts them onto a Kafka topic. The JSON messages outputted by the Bro plug-in are designed to be parsed by the Metron Bro parsing topology.
For related components see: