[Bro] log-append.bro

Po-Ching Lin pachinko.tw at gmail.com
Mon Sep 23 06:51:10 PDT 2013


       I would like to append the logs in the current run to existing logs. There was
log-append.bro which can change the default setting in earlier Bro. How could
it be done in Bro 2.1? open_log_file is defined in init-bare.bro, which seems not
loaded in init-default.bro, so changing open to open_for_append in its definition
does not work. I run bro directly from the command line as "bro -r xxx.pcap".
Any suggestion is appreciated.


More information about the Bro mailing list