Phil Rzewski
Phil Rzewski
We were brainstorming on this topic as a team today. One idea floated is to introduce a new class of pin intended specifically to hold things like `const` and `type`....
In looking at what's possible today, the approach described in the [Zeek Customization](https://github.com/brimsec/brim/wiki/Zeek-Customization) article seems to be technically capable of achieving this. Since the Zeek & Suricata "runner" scripts take...
In the time since this issue was first opened, Brim's pcap processing is now handled by a separate tool [Brimcap](https://github.com/brimdata/brimcap) that's bundled with the app. The same recipe above that...
@alberto-bc: Thanks for your interest in Brim! There are currently no plans to support decryption in Brim. At the moment, the heavy lifting of creating summary logs out of packet...
In the time since this issue was first opened, pcap processing is now handled by a separate external tool [Brimcap](https://github.com/brimdata/brimcap) that's bundled with Brim. It seems like if we wanted...
Note that issue is linked to from the [Remote Workspaces (v0.25.0+)](https://github.com/brimdata/brim/wiki/Remote-Workspaces-%28v0.25.0-%29) article in the Brim wiki. If/when this gets addressed, the article should be updated.
@jfedotov: Thanks for reporting. As you may be aware, Brim typically relies on some other tools (specifically Zeek and Suricata) to generate summary logs from pcaps. This particular error is...
@jfedotov: Thanks for the additional detail. If your goal is to actually have the logs reflect meaningful analysis of the 802.11 layer, it does seem that Zeek (and therefore, by...
[**@jfedotov**](https://github.com/jfedotov): The Zeek Dev folks responded quickly, and you can see their response [here](https://github.com/zeek/zeek/issues/1641#issuecomment-871734442). I'll paste it here for ease of reference and search-ability within the Brimcap repo: > The...
@mattnibs: Yes, that was the essence. Reading the text again now, my filing it at the time was in some ways a reflection of Brimcap's new-ness and me not yet...