Next: , Previous: port-name Module, Up: Analyzers and Events



7.8 The mt Module

The mt module is intended to provide a convenient way to run (almost) all of the analyzers. It @load's the following other modules and analyzers: log, dns, hot, port-name, frag, tcp, scan, weird, finger, ident, ftp, login and portmapper. So you can run Bro using bro -i in0 mt to have it analyze traffic on interface in0 using the above analyzers ; or you can @load mt to load in the above analyzers.

Note: The mt analyzer doesn't load http (because it can prove a very high load for many sites) nor experimental analyzers such as stepping or backdoor.