[Bro] Weird Log rotation in Bro IDS 2.5 Beta
seth at icir.org
Thu Nov 3 04:59:18 PDT 2016
> On Nov 3, 2016, at 7:57 AM, Seth Hall <seth at icir.org> wrote:
>> On Nov 2, 2016, at 10:46 PM, Ludwig Goon <lagoon7 at gmail.com> wrote:
>> Anyone got any ideas why this happened?
> Are you writing your logs as JSON? If you are, are you doing something like this too?
> redef LogAscii::json_timestamps = JSON::TS_ISO8601;
Wait, sorry. I emailed too quickly. I was asking those questions because they are related to a bug, but I see that you are running the 2.5 beta and the bug is fixed there. Are you making any changes to how you write out logs though? If you are, that could point to another instance of the same bug that we missed.
International Computer Science Institute
(Bro) because everyone has a network
More information about the Bro