[Bro] ASCII JSON log stream
Daniel Thayer
dnthayer at illinois.edu
Tue Jun 30 08:49:01 PDT 2015
On 06/30/2015 02:52 AM, Albert Zaharovits wrote:
> Hello,
>
> I am writing a bro script which creates a ASCII log stream. I would like JSON output only for this stream. I was able to turn on JSON output globally.
>
> Any idea?
>
> Albert
There is an example in the "Logging Framework" documentation that you
can use:
https://www.bro.org/sphinx/frameworks/logging.html#ascii-writer
Just replace "tsv" in the example with "use_json", and replace
Conn::LOG with your log stream ID.
More information about the Bro
mailing list