[Bro-Dev] Hui Lin_How to disable some default log option
Seth Hall
seth at icir.org
Wed Nov 2 09:00:36 PDT 2011
On Nov 2, 2011, at 11:51 AM, Hui Lin (Hugo) wrote:
> I have update with master branch of Bro (still Bro 1.6).
That's actually called 2.0, there isn't really a 1.6. ;)
> But I find that currently, by default, Bro will generate conn.log, noitice_policy.log and packet_filter.log without indicating any bro policy script. I am wondering is there any way that I can disable them.
Search for "disable_stream" in the logging framework documentation:
http://www.bro-ids.org/documentation-beta/logging.bro.html
The streams you're looking to disable are:
Conn::LOG
Notice::POLICY_LOG
PacketFilter::LOG
.Seth
--
Seth Hall
International Computer Science Institute
(Bro) because everyone has a network
http://www.bro-ids.org/
More information about the bro-dev
mailing list