[Bro] Writing JSON logs
Siwek, Jonathan Luke
jsiwek at illinois.edu
Fri Nov 22 13:36:45 PST 2013
On Nov 22, 2013, at 10:36 AM, Tritium Cat <tritium.cat at gmail.com> wrote:
> On Fri, Nov 22, 2013 at 7:44 AM, Siwek, Jonathan Luke <jsiwek at illinois.edu> wrote:
> It’s a “const” so you can’t change the value at run-time. Use `redef` to assign a new value at parse-time.
>
>
> Did you read the patch ? &redef is included. Maybe I misunderstand you.
The &redef attribute still doesn’t permit run-time modification of a const, which is what you did in the bro_init handler. Instead what you need is to use the `redef` statement to assign a value at parse time (outside an event handler):
redef LogAscii::write_json=T;
- Jon
More information about the Bro
mailing list