[Bro] send logs to custom server by socket

Mo Jia life.130815 at gmail.com
Wed Apr 29 22:17:12 PDT 2015


Hello:

I don't want to log to disk, and want to send JSON logs to a remote
server. When some code like this, Log::write(HTTP::LOG, c$http);, runs, it
would send the HTTP log to my server. Does this mean I need to change
src/logging/writers/ascii? Or should I add a new writer, something
like socket? I don't want to change the Bro scripts that already exist, so
Log::write(HTTP::LOG, c$http) should not change. Or, I think, I could
add a config like

LOG_SERVER_IP = 192.168.100
LOG_SERVER_PORT = 8087

and all the http, notice and so on would all be sent to the server.
Any suggestions? Or has somebody already done this before?

