[Bro] Hui Lin_Enable Protocol Analyzer in Bro bare mode

Seth Hall seth at icir.org
Mon Jun 25 13:39:41 PDT 2012

On Jun 25, 2012, at 4:34 PM, Hui Lin (Hugo) wrote:

> I also like to use a Syslog analyzer to analyze syslog_message event. I define syslog_message event in my own script, but this event handler is not executed under bare mode? I am wondering what scripts should be loaded to enable Syslog analyzer.

It's enabled by default.  Can you show the code you are using that isn't working?


Seth Hall
International Computer Science Institute
(Bro) because everyone has a network

More information about the Bro mailing list