syslog events

Ruoming Pang rpang at cs.princeton.edu
Sun Feb 15 14:03:52 PST 2004


> Possible receive bro events with syslog daemon ?

Sorry, I don't fully get it -- do you mean generating events from syslog
or dumping events to syslog? 

If it's the latter, a little hack can make it possible -- all events go
though EventMgr (see Event.cc). However, you may want to be careful in
printing the event parameters, some are large chunks of data, e.g. in
event http_entity_data.

Ruoming




More information about the Bro mailing list