[Bro-Dev] Weird stuff in weird.log
Seth Hall
seth at icir.org
Fri Oct 7 21:01:51 PDT 2011
I'm seeing some odd stuff in my weird.log on a cluster. It looks an extra tab character is getting put in after null values and then it's escaped. Any clue what happened?
1318046447.381516 -\x09 -\x09 -\x09 -\x09 -\x09 non_IPv4_packet -\x09 T
1318046447.960574 -\x09 -\x09 -\x09 -\x09 -\x09 non_IPv4_packet -\x09 T
1318046447.960867 -\x09 -\x09 -\x09 -\x09 -\x09 non_IPv4_packet -\x09 T
1318046513.637314 -\x09 -\x09 -\x09 -\x09 -\x09 non_IPv4_packet -\x09 T
1318046447.932012 -\x09 -\x09 -\x09 -\x09 -\x09 non_IPv4_packet -\x09 T
1318046447.935414 -\x09 -\x09 -\x09 -\x09 -\x09 non_IPv4_packet -\x09 T
.Seth
--
Seth Hall
International Computer Science Institute
(Bro) because everyone has a network
http://www.bro-ids.org/
More information about the bro-dev
mailing list