grep bro conn.log for ip vlan and mac

diff --git a/bro-conn-ip-vlan-mac.sh b/bro-conn-ip-vlan-mac.sh
new file mode 100755 (executable)
index 0000000..304a4a9
--- /dev/null
+++ b/bro-conn-ip-vlan-mac.sh
@@ -0,0 +1,4 @@
+#!/bin/sh -ex
+
+ssh enesej "cat /var/log/bro/current/conn.log | bro-cut -d id.orig_h vlan orig_l2_addr -F' ' | grep '^$1 ' | head -1"
+