more syslog?
Anton Chuvakin, Ph.D.
anton at netForensics.com
Wed Jun 25 12:28:55 PDT 2003
All,
While I am enjoying running my new bro-0.8_32, I find that some of the
stuff gets reported to syslog (such as ContentGap and some FTP attacks),
while the rest is getting piled to multiple files (ftp.log, http.log,
etc). I looked at the manual and the *.bro file and it looks like its
hard-coded with ALERT statements. Is there any way to globally redirect
everything to syslog?
Best,
--
Anton Chuvakin, Ph.D., GCIA, GCIH
Senior Security Analyst
netForensics - http://www.netForensics.com
732-393-6071
More information about the Bro
mailing list