Originally recorded September 12, 2017
While bro-cut is certainly an important tool in your toolbox, you can expand on your ability to analyze logs and detect a variety of interesting network events through the use of the awk program. In this talk Mark will give an intro to the syntax of the awk command and then show several examples of how awk can be used directly on logs or in a pipeline with other programs. He hopes that you find the examples provided as useful takeaways from BroCon whether you are a beginner or advanced user.
Mark Krenz is the Lead Security Analyst at Indiana University’s Center for Applied Cybersecurity Research where he has participated on projects such as the Center for Trustworthy Scientific Cyberinfrastructure (CTSC) and the Software Assurance Marketplace (SWAMP). In addition to using Bro at work on a small enterprise network, he also uses Bro at home to monitor IoT devices. Mark is also the creator/host of the popular Twitter account @climagic, which provides useful Unix command tips to over 100 thousand command line enthusiasts.
Slides:
Learn Linux
May 9, 2020
I love the presentation, but the code itself is highly questionable, especially for an awk talk! All that data shuffling via pipes put me right off.
Eskimoz
May 9, 2020
We support this!
Eskimoz
May 9, 2020
Well now, a big bravo 🙂
musicmansuperman
May 9, 2020
Brilliant presentation. Best discussion on regular expressions I've heard.
sakib janjua
May 9, 2020
Have you shared the pcap files or these log files with the students?