[Bro-Dev] $tag in notice_info

[Robin Sommer]

I like switching from notice tags to a generic conn id used
consistently across logs. My only request is that we make sure we can
identify a connection uniqule even across Bro runs. Then one can just
scan a whole log archive for a specific connection without needing to
worry about when Bro started etc.

Robin

-- 
Robin Sommer * Phone +1 (510) 722-6541 * robin at icir.org
ICSI/LBNL    * Fax   +1 (510) 666-2956 *   www.icir.org