[Bro] Multiple log streams

Jan Grashöfer jan.grashoefer at gmail.com
Mon May 16 11:44:11 PDT 2016

Hi Jay,

> I'm seeing only a fraction of the total logs being written as JSON -- it
> varies between about 25-40%.

Do you miss single log lines or complete log files? In case you are
missing single log lines: Is there any pattern (e.g. a certain type of
events is missing or just a subset of logs is affected)?

In case you are running a cluster, it might be interesting to log the
node (see

Best regards,

More information about the Bro mailing list