mt
ModuleThe mt
module is intended to provide a convenient way
to run (almost) all of the analyzers. It @load
's the following
other modules and analyzers:
log, dns, hot, port-name, frag, tcp, scan, weird, finger, ident, ftp,
login
and portmapper
.
So you can run Bro using bro -i in0 mt to have it analyze
traffic on interface in0 using the above analyzers
; or you can @load mt
to load in the above
analyzers.
Note: The mt
analyzer doesn't load http
(because
it can prove a very high load for many sites)
nor experimental analyzers such as stepping
or backdoor
.