[Bro-Dev] Update on log management

G. Clark gc355804 at ohio.edu
Wed Aug 31 09:44:17 PDT 2011



should take you to the python library when opened in a browser.  Keep in 
mind, though, that this code won't be practically usable until we finish 
fixing up the ASCII header and I revise that code accordingly; I used a 
prototype header format to write / test this code.

See bro-logtool in that directory for a simple script I've been using to 
play with the library.

Also, re:

> The "normal" Bro deployment is as a cluster at this point anyway where the manager is dedicated to notice handling and logging (as you've noticed, standalone instances basically suck for anything over 80Mbps).  Also, Gilbert has been spending the summer threading the logging framework and I *think* his branch is probably close to being integrated.  We basically planned on threading the logging framework from the start for all of the reasons that you mentioned. :)

Working revision is in topic/gilbert/log-threads.  There's some work 
left to do here, but the current code does seem to pass basic testing.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 6010 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mailman.icsi.berkeley.edu/pipermail/bro-dev/attachments/20110831/ab84909a/attachment-0001.bin 

More information about the bro-dev mailing list