rmkml at wanadoo.fr
Sun Feb 15 14:16:15 PST 2004
Thanks Ruoming for quick answers
yes my question is how dumping bro events to syslog.
I have another question,
How receive bro events in centralized console mgmt ?
( syslog / redir stdout / *sql* / bro_tunnel / ... ?)
like snort/acid ?
Rmkml at Wanadoo.fr
On Sun, 15 Feb 2004, Ruoming Pang wrote:
> Date: Sun, 15 Feb 2004 17:03:52 -0500
> From: Ruoming Pang <rpang at cs.princeton.edu>
> To: 'rmkml' <rmkml at wanadoo.fr>, bro at listserv.lbl.gov
> Subject: RE: syslog events
> > Possible receive bro events with syslog daemon ?
> Sorry, I don't fully get it -- do you mean generating events from syslog
> or dumping events to syslog?
> If it's the latter, a little hack can make it possible -- all events go
> though EventMgr (see Event.cc). However, you may want to be careful in
> printing the event parameters, some are large chunks of data, e.g. in
> event http_entity_data.
More information about the Bro