As mentioned in an update to that blog post, Seth Hall wrote a ShellShock detector for Bro that detects successful exploitation (not just an attempt):
I've added these Bro scripts to our securityonion-bro-scripts package and submitted the package for testing:
If you're not already a member of the security-onion-testing Google Group, please join the group and help us test this new package so we can get it released as quickly as possible.
|Bro Notice for ShellShock::Exploit|
|Bro http.log showing ShellShock::HIT|
Please see Part 4:
UPDATE 20140927 08:01
The updated securityonion-bro-scripts package has been released to our stable PPA: