[Bro] Question about creating custom conn logs.

Alen Capalik alen at wiretap.net
Mon Apr 23 19:41:30 PDT 2007


Hi all,

I was wondering if someone can point me in the right direction
regarding creating custom connection logs in Bro.  I'm sorry in
advance if this is a question already asked before, but I could not
find the answer or something remotely close to an answer.  I want to
add some fields to current conn.<tag>.log files (namely for instance
tcp sequence numbers) for all tcp connections or I want to create new
connection log files with new fields.  I have written a new function
(similar to record_connection()) in the <hostname>.bro file as well as a
new event calling that function.  The log files get created, but nothing
is ever logged into them.

I guess my question would be, how do I create an event calling this
function that will just record all tcp network traffic into customized
log files?  I really don't want to do anything special to it, I just
want to log the traffic with the format I defined in the function.  I
have been using pkt_hdr, ip_hdr, tcp_hdr, udp_hdr data types from
bro.init to add additional fields in fmt(). If you can just give me a
quick format of the event that would do that, it would help
tremendously, I can do the rest myself.

I hope this is enough information, if not please let me know.  Thank
you in advance for any help.

Regards,
Alen
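One way to wire a custom per-packet logger into a Bro 1.x policy script, as an added example that is not part of the original post and not code from the Bro project itself: the script opens its own log file with open_log_file(), defines a formatting function in the spirit of record_connection(), and calls that function from a handler for the new_packet event, which Bro raises for every packet once a handler exists. It assumes the Bro 1.x script API the post refers to (the pkt_hdr, ip_hdr and tcp_hdr records from bro.init, open_log_file, network_time, bro_init and bro_done); the file tag "tcpseq" and the function name record_tcp_packet are made up for the example.

```bro
# Added example, not from the original post or the Bro distribution.
# Assumes the Bro 1.x script API: pkt_hdr/ip_hdr/tcp_hdr from bro.init,
# open_log_file(), network_time(), and the new_packet event.

# Log file handle; "tcpseq" is an arbitrary tag chosen for this example,
# so the file lands next to conn.<tag>.log as tcpseq.<tag>.log.
global tcp_seq_log: file;

event bro_init()
{
	tcp_seq_log = open_log_file("tcpseq");
}

event bro_done()
{
	close(tcp_seq_log);
}

# Write one line per TCP packet: timestamp, 4-tuple, seq/ack numbers,
# raw TCP flags, window and payload length.  Non-TCP packets are skipped
# because pkt_hdr$tcp is &optional and only present for TCP.
function record_tcp_packet(c: connection, p: pkt_hdr)
{
	if ( ! p?$tcp )
		return;

	local ip = p$ip;
	local t = p$tcp;

	print tcp_seq_log,
	      fmt("%.6f %s %d %s %d seq=%d ack=%d flags=%d win=%d len=%d",
	          network_time(), ip$src, t$sport, ip$dst, t$dport,
	          t$seq, t$ack, t$flags, t$win, t$dl);
}

# new_packet fires for every packet Bro sees once this handler is defined,
# so the logging function above runs for all TCP traffic without any
# further filtering.
event new_packet(c: connection, p: pkt_hdr)
{
	record_tcp_packet(c, p);
}
```

Handling new_packet costs a script-level event per packet, so on a busy link this is far more expensive than the per-connection record_connection() path; if only certain hosts or ports matter, test the connection's c$id inside record_tcp_packet() and return early rather than paying the fmt() and file write for everything.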
