[Bro] Is there a way to use "bro-cut -d" automatically during log parsing?
Dave Florek
dave.a.florek at gmail.com
Fri Aug 12 12:14:51 PDT 2016
Thank you,
I'll take a look at this.
On Fri, Aug 12, 2016 at 1:34 PM, Daniel Thayer <dnthayer at illinois.edu>
wrote:
> You could create a shell script wrapper that contains this:
> bro-cut -d "$@"
>
> And then just use that script instead of bro-cut.
>
>
>
> On 08/12/2016 10:54 AM, Dave Florek wrote:
>
>> Hi,
>>
>> Is there a way to use "bro-cut -d" automatically during log parsing so
>> when I open the Bro Logs, they're all in EST instead of Epoch?
>>
>> Thanks in advance,
>>
>>
>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20160812/e7746d1d/attachment.html
More information about the Bro
mailing list