[Bro] Combining fields from http.log and files.log
Vikram Basu
vikrambasu059 at gmail.com
Wed Aug 23 02:14:43 PDT 2017
Hi,
Is it possible to create a combined log file which will have some fields from Bro’s http.log file and some from Bro’s file.log file using the `fuid` field as the common field ?
When I download a file using HTTP connection, I get the name of the file in the http.log while the file size is present in the files.log
How can I correlate the information into a single log file ?
Regards
Vikram Basu
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20170823/d8262c99/attachment.html
More information about the Bro
mailing list