[Bro-Dev] Update on log management

[G. Clark]

Martin:

http://git.bro-ids.org/bro.git/tree/refs/heads/topic/gilbert/log-util:/aux/log-util

should take you to the python library when opened in a browser.  Keep in 
mind, though, that this code won't be practically usable until we finish 
fixing up the ASCII header and I revise that code accordingly; I used a 
prototype header format to write / test this code.

See bro-logtool in that directory for a simple script I've been using to 
play with the library.

Also, re:

> The "normal" Bro deployment is as a cluster at this point anyway where the manager is dedicated to notice handling and logging (as you've noticed, standalone instances basically suck for anything over 80Mbps).  Also, Gilbert has been spending the summer threading the logging framework and I *think* his branch is probably close to being integrated.  We basically planned on threading the logging framework from the start for all of the reasons that you mentioned. :)

Working revision is in topic/gilbert/log-threads.  There's some work 
left to do here, but the current code does seem to pass basic testing.

--Gilbert

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 6010 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mailman.icsi.berkeley.edu/pipermail/bro-dev/attachments/20110831/ab84909a/attachment-0001.bin