[Bro] Advanced filtering

[Seth Hall]

On Jan 24, 2012, at 10:39 AM, Thomas, Eric D wrote:

>  for performance and log size reasons.

One more thought actually.  If you are concerned with log size, you really have no limitations for filtering and redirecting your logs with the logging framework.  I'm hoping to do a short blog post today demonstrating some of the logging filters that I have created recently for various people.

  .Seth

--
Seth Hall
International Computer Science Institute
(Bro) because everyone has a network
http://www.bro-ids.org/