[Bro] Properly disabling certain rules
Ward Sladek
wsladekjr at hotmail.com
Wed Jun 18 08:23:43 PDT 2014
I eliminate syslog via the following in my local.bro:
# Disable Syslog
event bro_init()
{
Log::disable_stream(Syslog::LOG);
}
Not sure if that is the recommended way, but it works.
> To: bro at bro.org
> Date: Wed, 18 Jun 2014 08:09:17 -0600
> From: jlay at slave-tothe-box.net
> Subject: [Bro] Properly disabling certain rules
>
> Team,
>
> So...after upgrading to Bro 2.3, syslog and ssl have returned, which I
> do not want to see. I commented them out in init-default.bro, which is
> not the right way to go I know. How can I disable these in my
> local.bro? Thank you.
>
> James
> _______________________________________________
> Bro mailing list
> bro at bro-ids.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20140618/d3d8401b/attachment.html
More information about the Bro
mailing list