[Bro] [bro] conn-summary
johanna at icir.org
Tue Nov 29 15:38:36 PST 2016
since trace-summary (the tool that generates the connection summaries)
only supports the standard Bro log file syntax, there currently is no way
to get a usable output when only logging in json.
You could log in json and in the standard format simultaneously, as one
solution. Adding json support to trace-summary also should not be that
hard - but I don't think that that is currently on anyones plate.
On Thu, Nov 17, 2016 at 08:29:54AM -0500, Tim Desrochers wrote:
> Is there a way, when logging in JSON, to get a readable connection summary
> log. When logging in JSON the log is unusable and the tables included in
> the log do not get populated. I like the log because it gives a great
> overview of the sensors.
> Bro mailing list
> bro at bro-ids.org
More information about the Bro