more syslog?

Anton Chuvakin, Ph.D. anton at
Wed Jun 25 12:28:55 PDT 2003


While I am enjoying running my new bro-0.8_32, I find that some of the
stuff gets reported to syslog (such as ContentGap and some FTP attacks),
while the rest is getting piled to multiple files (ftp.log, http.log,
etc).  I looked at the manual and the *.bro file and it looks like its
hard-coded with ALERT statements. Is there any way to globally redirect
everything to syslog?

Anton Chuvakin, Ph.D., GCIA, GCIH
Senior Security Analyst
netForensics -

More information about the Bro mailing list