[Bro] log rotation
Ul Asad, Hafiz
Hafiz.Ul-Asad.1 at city.ac.uk
Sun Mar 26 11:18:03 PDT 2017
I am analysing a large number of "pcap" files using,
bro -r *.pcap my_bro.script
The problem is that for each new pcap file, bro over-writes the previous *.log files if I don't change my working directory. Is there a way of controlling the rotation of log files? I know that "broctl" has this time base rotation, but is there any sort of rotation control when bro is run from command line? I can change the working directory, but I want to have all my results in a single a log file (files) so that it is easy to query them.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Bro