[Bro] Format of log file
jp.luiggi at free.fr
Mon Jul 30 10:31:42 PDT 2007
On Mon, Jul 30, 2007 at 08:58:38AM -0700, Vern Paxson wrote:
> Historically each file has used fixed-column format, without tags to
> indicate the meaning of the column. We've started migrating to tags for
> just the reason you cite, to make it easier to write back-end parsers.
> However, this effort is not complete.
OK, I understand, it sounds good.
> In the interim you might consider writing helper scripts that will
> translate the different log files into a tagged format.
Ok, no problem for this.
> By normal time do you mean human-readable timestamps? If so, you can achieve
> that using the "cf" tool in aux/cf - except it presently expects timestamps
> to start at the beginning of each line, so you'd need to extend it to know
> about t=<timestamp>. (If you do, please send us a patch for the addition.)
What I thought about was to have the choice to have a human-readable
format for time directly in the log.
I'll work as soon as possible on "cf" as suggested. :-)
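
The timestamp handling discussed in this thread, as an added example that is not part of the original message and is not Bro's "cf" tool: a Python filter that rewrites an epoch timestamp either at the start of a line or after a `t=` tag. The sample lines and every tag name other than `t=` are constructed for illustration, and output is assumed to be wanted in UTC.

```python
import re
import sys
from datetime import datetime, timezone

# Epoch seconds (9-10 digits, optional fraction) at the start of a line
# (the untagged layout) or right after a standalone "t=" tag (tagged layout).
# \b keeps tags such as "start=" from matching; the digit bound and the
# lookahead keep other numeric fields (ports, byte counts) untouched.
_TS = re.compile(r"(^|\bt=)(\d{9,10})(\.\d+)?(?=\s|$)")


def _to_utc(match: re.Match) -> str:
    prefix, secs, frac = match.group(1), match.group(2), match.group(3) or ""
    stamp = datetime.fromtimestamp(int(secs), tz=timezone.utc)
    # Keep the fractional digits as text so no precision is lost to floats,
    # and emit no spaces so tag=value tokenization still works downstream.
    return prefix + stamp.strftime("%Y-%m-%dT%H:%M:%S") + frac + "Z"


def humanize(line: str) -> str:
    """Return the line with its leading or t= timestamp made readable."""
    return _TS.sub(_to_utc, line)


# Constructed sample lines, one per layout (not real Bro output).
SAMPLES = [
    "1185816702.250000 10.0.0.1 > 10.0.0.2 http",
    "t=1185816702.250000 src=10.0.0.1 dst=10.0.0.2 start=1185816702",
]

if __name__ == "__main__":
    # Use as a filter: python3 humanize.py < some.log
    source = SAMPLES if sys.stdin.isatty() else sys.stdin
    for raw in source:
        print(humanize(raw.rstrip("\n")))
```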