[Bro] Fwd: Sending Bro Logs to a Remote Syslog Server

Carl Forsythe finalstatic at gmail.com
Wed Dec 28 23:06:58 PST 2016


The easiest way I've found to date is to use rsyslog to pick them up off
the file system.

A good template/starting point can be found at
https://github.com/lruppert/bro-scripts/blob/master/rsyslog/bro-ids.conf

Hope this helps.

-Carl


On Wed, Dec 28, 2016 at 6:58 PM, Michelle Crawley <
michelleacrawley at gmail.com> wrote:

> Hello,
>
> I am very new to Bro. I have an external Syslog server in my environment
> that I am trying to send logs to from Bro. I have been searching everywhere
> and following different tutorials/hints, but I am still having no luck. How
> should I go about doing this?
>
> Thanks,
> Michelle
>
>
>
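A minimal rsyslog configuration for the approach described in the reply above, added here as an illustration; it is not part of either message and is not taken from the linked bro-ids.conf. The log directory, the file name under /etc/rsyslog.d/, the tags and the server name syslog.example.net are assumptions to replace with your own values.

```conf
# /etc/rsyslog.d/60-bro.conf   (file name is an assumption)

# imfile tails plain-text files and turns each new line into a syslog message.
module(load="imfile")

# One input per Bro log. The paths assume Bro writes its live logs to
# /usr/local/bro/logs/current/ ; change them to match your install.
input(type="imfile"
      File="/usr/local/bro/logs/current/conn.log"
      Tag="bro_conn:"
      Severity="info"
      Facility="local7"
      ruleset="bro_forward")

input(type="imfile"
      File="/usr/local/bro/logs/current/notice.log"
      Tag="bro_notice:"
      Severity="warning"
      Facility="local7"
      ruleset="bro_forward")

# A dedicated ruleset keeps Bro lines out of the local syslog files:
# they are only forwarded to the remote server.
ruleset(name="bro_forward") {
    # Bro's TSV header and footer lines start with '#'; do not forward them.
    if ($msg startswith "#") then stop

    action(type="omfwd"
           Target="syslog.example.net"    # placeholder for the remote syslog server
           Port="514"
           Protocol="tcp"
           # Disk-assisted queue so events are buffered, not dropped, while
           # the server is unreachable. Needs a work directory to be set
           # in the main rsyslog.conf.
           queue.type="LinkedList"
           queue.filename="bro_fwd"
           queue.saveOnShutdown="on"
           action.resumeRetryCount="-1")
}
```

Check the syntax with `rsyslogd -N1` before restarting rsyslog. This forward is plain TCP, so the Bro records cross the network unencrypted unless the action is switched to rsyslog's TLS stream driver.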