[Bro] host field

Seth Hall seth at icir.org
Tue Oct 4 19:49:09 PDT 2016

> On Oct 4, 2016, at 12:39 PM, James Lay <jlay at slave-tothe-box.net> wrote:
> "You can disable the check which prohibits dots in field names by 
> starting Elasticsearch as follows:

Haha, I replied to the other email before reading the whole thread.  I recommend this method instead!


Seth Hall
International Computer Science Institute
(Bro) because everyone has a network

More information about the Bro mailing list