[Bro] ASCII JSON log stream

Daniel Thayer dnthayer at illinois.edu
Tue Jun 30 08:49:01 PDT 2015

On 06/30/2015 02:52 AM, Albert Zaharovits wrote:
> Hello,
> I am writing a bro script which creates a ASCII log stream. I would like JSON output only for this stream. I was able to turn on JSON output globally.
> Any idea?
> Albert

There is an example in the "Logging Framework" documentation that you 
can use:

Just replace "tsv" in the example with "use_json", and replace
Conn::LOG with your log stream ID.

More information about the Bro mailing list