[Bro] Disable service name in alert||log.log ?

Christian Kreibich christian at whoop.org
Sun Sep 5 14:01:55 PDT 2004


On Sun, 2004-09-05 at 20:11, rmkml wrote:
> Hi,
> 
> Possible/How disable service name in this file ?
> 
> Change :
> 1094411512.196834 WeirdActivity 193.250.83.215/49649 > 62.23.34.172/http: 
> RST_with_data
> 
> to :
> 1094411512.196834 WeirdActivity 193.250.83.215/49649 > 62.23.34.172/80: 
> RST_with_data
> 
> use bro 09a3

Hi,

have a look at endpoint_id() in port-name.bro.

Cheers,
Christian.
-- 
________________________________________________________________________
                                          http://www.cl.cam.ac.uk/~cpk25
                                                    http://www.whoop.org





More information about the Bro mailing list