[Bro] Disable Base script
Ward Sladek
wsladekjr at hotmail.com
Tue Dec 24 10:50:42 PST 2013
What is the best practice for disabling a Base script? For example, I would like to disable syslog monitoring all together. I have included the following in my local.bro:
event bro_init()
{
Log::disable_stream(Syslog::LOG);
}
This disables the logging of syslog messages, but does it prevent Bro from loading the base/protocols/syslog scripts? If not, what is the best practice for doing so? I'm trying to tune/tweak bro for best performance.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20131224/1e789707/attachment.html
More information about the Bro
mailing list