[Bro] host field
Seth Hall
seth at icir.org
Tue Oct 4 09:14:45 PDT 2016
> On Oct 4, 2016, at 11:13 AM, erik clark <philosnef at gmail.com> wrote:
>
> Is there a non-invasive way to rename the host field in bro log output?
In 2.5....
redef Log::default_field_name_map = {
["host"] = "something_else",
};
You can do this per-filter too, but this setting is a global default for all writers and filters.
.Seth
--
Seth Hall
International Computer Science Institute
(Bro) because everyone has a network
http://www.bro.org/
More information about the Bro
mailing list