Originally recorded September 12, 2017
While bro-cut is certainly an important tool in your toolbox, you can expand on your ability to analyze logs and detect a variety of interesting network events through the use of the awk program. In this talk Mark will give an intro to the syntax of the awk command and then show several examples of how awk can be used directly on logs or in a pipeline with other programs. He hopes that you find the examples provided as useful takeaways from BroCon whether you are a beginner or advanced user.
Mark Krenz is the Lead Security Analyst at Indiana University’s Center for Applied Cybersecurity Research where he has participated on projects such as the Center for Trustworthy Scientific Cyberinfrastructure (CTSC) and the Software Assurance Marketplace (SWAMP). In addition to using Bro at work on a small enterprise network, he also uses Bro at home to monitor IoT devices. Mark is also the creator/host of the popular Twitter account @climagic, which provides useful Unix command tips to over 100 thousand command line enthusiasts
Slides:
Nguồn: https://codeigniterbrasil.com
Xem thêm bài viết khác: https://codeigniterbrasil.com/lap-trinh-linux/
Xem thêm Bài Viết:
- Xem Cakhia TV trực tiếp bóng đá hôm nay, link không giật
- Sinh năm 2002 mệnh gì? Tuổi Giáp Ngọ hợp với tuổi nào & hợp với màu gì?
- Sự giống và khác nhau giữa nồi nấu phở điện liền và nồi nấu phở tủ điện rời
- Chính sách mua trả góp xe máy điện VinFast lãi suất 0% mới nhất
- 10 homestay tốt nhất ở Quận Hà Đông và Quận Thanh Xuân ở Hà Nội
I love the presentation, but the code itself is highly questionable, especially for an awk talk! All that data shuffling via pipes put me right off.
On supporte !
Alors là, un gros bravo 🙂
Brilliant presentation. Best discussion on regular expressions I've heard.
Have you shared the pcap files or these log files with the students?