[Bro] Log Source
Matt Clemons
matt.clemons at gmail.com
Mon Feb 23 14:32:52 PST 2015
Is there a way to add Worker source to all bro logs?
I was able to do this with the conn.log, but if i try others, bad things
happen. Can someone help?
redef record Conn::Info += {
peer_descr: string &default="unknown" &log;
};
event connection_state_remove(c: connection){
c$conn$peer_descr = peer_description;
}
--
Regards,
Matt Clemons
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20150223/18ed158c/attachment.html
More information about the Bro
mailing list