[Bro] How to turn off logging Bro alerts via syslog
Jaeyeon Jung
jyjung at csail.mit.edu
Mon Dec 27 23:11:16 PST 2004
We are running Bro 0.9a8.14 on our Linux system. We notice that
/ is often 100% full because of huge /var/log/messages, which
seems filled with the Bro alerts that are also recorded in its
own alarm log file.
Is there any way to turn off logging those Bro alerts via syslog? If
not, would we be missing any Bro alerts if we delete /var/log/messages?
Thanks!
Jaeyeon
More information about the Bro
mailing list