[Bro] Json output
David
elhijo at 0lim.net
Thu Nov 17 01:57:47 PST 2016
Hi,
I'm probably missing something somewhere but when output log in json
format I'm missing some information.
Here is an ascii output:
479376326.037159 CAehBQ1VNmICCPUhGk X.X.X.X 36211
212.27.48.10 80 1 GET free.fr / -
Lynx/2.8.7rel.2 libwww-FM/2.14 SSL-MM/1.4.1 OpenSSL/1.0.1i 0
154 302 Moved Temporarily - - - (empty)
- - - - - F6XUb56IvHftrZKH6 text/html
Here is the json one:
{"ts":"2016-11-17T09:52:40.953982Z","uid":"CPRQ0t2QzUecwZtHn4","id.orig_h":"X.X.X.X","id.orig_p":55750,"id.resp_h":"212.27.48.10","id.resp_p":80,"trans_depth":1,"version":"1.1","request_body_len":0,"response_body_len":154,"status_code":302,"status_msg":"Moved
Temporarily","tags":[],"resp_fuids":["Fh69hd1zG4Giojep18"],"resp_mime_types":["text/html"]}
method, host, uri, referrer, user_agent and others are missing in json.
Is there a way to add them ?
Thanks,
David
More information about the Bro
mailing list