[Bro] host field
erik clark
philosnef at gmail.com
Tue Oct 4 09:15:26 PDT 2016
Ah shoot, but not in 2.4. Ok, thanks!
On Tue, Oct 4, 2016 at 12:14 PM, Seth Hall <seth at icir.org> wrote:
>
> > On Oct 4, 2016, at 11:13 AM, erik clark <philosnef at gmail.com> wrote:
> >
> > Is there a non-invasive way to rename the host field in bro log output?
>
> In 2.5....
>
> redef Log::default_field_name_map = {
> ["host"] = "something_else",
> };
>
> You can do this per-filter too, but this setting is a global default for
> all writers and filters.
>
> .Seth
>
> --
> Seth Hall
> International Computer Science Institute
> (Bro) because everyone has a network
> http://www.bro.org/
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20161004/0f47a35c/attachment.html
More information about the Bro
mailing list