[Bro-Dev] Update on log management
gc355804 at ohio.edu
Wed Aug 31 09:44:17 PDT 2011
should take you to the python library when opened in a browser. Keep in
mind, though, that this code won't be practically usable until we finish
fixing up the ASCII header and I revise that code accordingly; I used a
prototype header format to write / test this code.
See bro-logtool in that directory for a simple script I've been using to
play with the library.
> The "normal" Bro deployment is as a cluster at this point anyway where the manager is dedicated to notice handling and logging (as you've noticed, standalone instances basically suck for anything over 80Mbps). Also, Gilbert has been spending the summer threading the logging framework and I *think* his branch is probably close to being integrated. We basically planned on threading the logging framework from the start for all of the reasons that you mentioned. :)
Working revision is in topic/gilbert/log-threads. There's some work
left to do here, but the current code does seem to pass basic testing.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 6010 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mailman.icsi.berkeley.edu/pipermail/bro-dev/attachments/20110831/ab84909a/attachment-0001.bin
More information about the bro-dev