[Bro] Weird Log rotation in Bro IDS 2.5 Beta
lagoon7 at gmail.com
Thu Nov 3 06:35:54 PDT 2016
Yes I am writing logs as JSON. But I don't have the ISO part on the end.
What is the correct way that line should read and is that the fix?
On Thursday, November 3, 2016, Seth Hall <seth at icir.org> wrote:
> >> On Nov 2, 2016, at 10:46 PM, Ludwig Goon <lagoon7 at gmail.com
> >> Anyone got any ideas why this happened?
> > Are you writing your logs as JSON? If you are, are you doing something
> like this too?
> > redef LogAscii::json_timestamps = JSON::TS_ISO8601;
> Wait, sorry. I emailed too quickly. I was asking those questions because
> they are related to a bug, but I see that you are running the 2.5 beta and
> the bug is fixed there. Are you making any changes to how you write out
> logs though? If you are, that could point to another instance of the same
> bug that we missed.
> Seth Hall
> International Computer Science Institute
> (Bro) because everyone has a network
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Bro