Data Source: Bro conn

Date: 2025-01-23

ID: c5a7e93b-2172-45a7-a7e9-3b217255a7f5

Author: Jacob Delgado, SnapAttack

Description

Logs network connection metadata captured by Zeek (formerly Bro), including details such as source and destination IPs, ports, connection state, and protocol.

Details

Property	Value
Source	`bro:conn:json`
Sourcetype	`bro:conn:json`

Supported Apps

TA for Zeek (version 1.0.11)

Source: GitHub | Version: 2