[Bro] Disabling an analyzer in weird

Jan Grashöfer jan.grashoefer at gmail.com
Sat Mar 11 12:46:53 PST 2017

Hi James,

> Well I'm certainly close.  Thanks to the redef I'm able to squelch out a 
> lot of noise, but alas, not the binpac exception.  If I disable the 
> analyzer I don't get any syslog.log file, so that's not what I need in 
> this case. I'll keep digging..thanks again for all the help.

if that particular notice is not listed in Weird::actions you can still
just filter manually. Something like that might work for you:


More information about the Bro mailing list