Originally recorded September 12, 2017

While bro-cut is certainly an important tool in your toolbox, you can expand your ability to analyze logs and detect a variety of interesting network events by using the awk program. In this talk Mark will give an intro to the syntax of the awk command and then show several examples of how awk can be used directly on logs or in a pipeline with other programs. He hopes that you find the examples useful takeaways from BroCon, whether you are a beginner or an advanced user.

Mark Krenz is the Lead Security Analyst at Indiana University’s Center for Applied Cybersecurity Research where he has participated on projects such as the Center for Trustworthy Scientific Cyberinfrastructure (CTSC) and the Software Assurance Marketplace (SWAMP). In addition to using Bro at work on a small enterprise network, he also uses Bro at home to monitor IoT devices. Mark is also the creator/host of the popular Twitter account @climagic, which provides useful Unix command tips to over 100 thousand command line enthusiasts.


5 Comments

Learn Linux

May 9, 2020

I love the presentation, but the code itself is highly questionable, especially for an awk talk! All that data shuffling via pipes put me right off.


Eskimoz

May 9, 2020

We support this!


Eskimoz

May 9, 2020

Well now, a big bravo 🙂


musicmansuperman

May 9, 2020

Brilliant presentation. Best discussion on regular expressions I've heard.


sakib janjua

May 9, 2020

Have you shared the pcap files or these log files with the students?
