[Bro] How to create a CSV logging writer
Matt Thompson
mthompson at hexwave.com
Sat Feb 1 13:29:12 PST 2014
Hi Jessica,
I don't think you need a filter for CSV output.
See:
http://www.bro.org/sphinx/scripts/base/frameworks/logging/writers/ascii.html
You can get CSV behavior without meta headers with:
redef LogAscii::include_meta = F;
redef LogAscii::separator = ",";
redef LogAscii::set_separator = ";";
Cheers,
Matt Thompson
On 2/1/14, 11:12 AM, Jessica Smith wrote:
> Hi,
>
>
> how can I add a new writer-specifi filter option via "config" in Log::Filter? I need to store log entries in CSV format where only a single header row with the column names is printed out as meta information, with no "# fields" prepended and no other meta data gets included in that mode.
>
>
> Jessica
>
>
>
> _______________________________________________
> Bro mailing list
> bro at bro-ids.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20140201/085862ca/attachment.html
More information about the Bro
mailing list