[Bro] How to modify dns.log
fasf safas
silusilusilu at gmail.com
Fri Jan 23 05:43:20 PST 2015
Hi,
i want to introduce two new fields in dns.log: i've tried to use a code
like this:
-----script.bro------
redef record DNS::Info += {
foo: bool &optional &log;
};
event DNS::log_dns (rec: DNS::Info)
{
if(condition)
rec$foo = T;
}
-------------------------
without any results.
For example if i want to modify conn.log, i can use
event connection_state_remove(c: connection)
For dns.log, which event should be called?
Thanks
Fab
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20150123/94a556b4/attachment.html
More information about the Bro
mailing list