Zakaria, There's no LDAP analyzer in Bro. LDAP is not a simple protocol, but if you'd like to try writing an analyzer, you might want to check out the following resources:
https://www.bro.org/development/howtos/binpac-sample-analyzer.html https://www.youtube.com/watch?v=1eDIl9y6ZnM Best, --Vlad On Wed, Nov 25, 2015 at 12:44 PM, Zakaria Hili <[email protected]> wrote: > Hello, > > I need to parse LDAP messages from a pcap. So what I did is I tried to > search for some Bro's events of LDAP but I failed. So I was wondering if > there's some and that I missed them. If no, how can I then code a dissector > of ldap easily so I could use it in events that I have to implement? > > Thank you for your help and keep up the good work! > ᐧ > > _______________________________________________ > bro-dev mailing list > [email protected] > http://mailman.icsi.berkeley.edu/mailman/listinfo/bro-dev > >
_______________________________________________ bro-dev mailing list [email protected] http://mailman.icsi.berkeley.edu/mailman/listinfo/bro-dev
