diff options
Diffstat (limited to 'bro-script/README')
| -rw-r--r-- | bro-script/README | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/bro-script/README b/bro-script/README index abfe1ad..03d9158 100644 --- a/bro-script/README +++ b/bro-script/README @@ -1,4 +1,8 @@ This directory contains a baseline implementation of the package parser implemented as a Bro script. A .bro file contains a script that can be executed on a Modbus pcap dump. A .log file contains an example for an -output file generated by this script. +output file generated by this script. By convention, the sample log file +should contain the first 100 lines of a real log file. + +Currently, the scripts only handle the read_holding_registers event. Other +events can handled by simply copying and adapting the existing handlers. |