[Bro] Weird Log rotation in Bro IDS 2.5 Beta

Seth Hall seth at icir.org
Thu Nov 3 04:57:07 PDT 2016


> On Nov 2, 2016, at 10:46 PM, Ludwig Goon <lagoon7 at gmail.com> wrote:
> 
> Anyone got any ideas why this happened?

Are you writing your logs as JSON?  If you are, are you doing something like this too?

	redef LogAscii::json_timestamps = JSON::TS_ISO8601;

 .Seth

--
Seth Hall
International Computer Science Institute
(Bro) because everyone has a network
http://www.bro.org/




More information about the Bro mailing list