[Bro] redef LogElasticSearch variables
jessebowling at gmail.com
Mon Feb 25 12:57:14 PST 2013
Ah yes, syntax... :)
Thank you all, that checks out ok.
On Mon, Feb 25, 2013 at 3:56 PM, Seth Hall <seth at icir.org> wrote:
> On Feb 25, 2013, at 3:45 PM, Jesse Bowling <jessebowling at gmail.com> wrote:
> > bro/base/frameworks/logging/writers/elasticsearch.bro
> This is the script level support for the elasticsearch writer.
> > bro/policy/tuning/logs-to-elasticsearch.bro
> This is a utility script to help you send your logs to ElasticSearch. It
> has some tuning options so you can choose if you only want to send certain
> > Both of them specify that the module is called "LogElasticSearch"...Is
> that a problem? At any rate…
> Defining a module only sets that to your current namespace. You can
> define it multiple times.
> I believe Justin answered the rest of your question. :)
> Seth Hall
> International Computer Science Institute
> (Bro) because everyone has a network
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Bro