[Bro] How to get generated specific log files under DEFAULT path (e.g. notice.log)

Zick Zack justDoSports at gmx.de
Fri Dec 15 23:59:30 PST 2017


Hi Bro'ers

I have a problem to get generated a notice.log file with it's DEFAULT path.

Short description of my problem:

  * whenever I start Bro to do sth., I get generated some log-files
    (e.g. communication, http, ...) in a folder named /var/log/bro
  * however (also after a "deploy" command!), when I call e.g.
    "NOTICE([$note=***, $msg="***"])", I get NOT generated a notice.log
    file ANYWHERE on my VM
  * I can somehow circumvent that by manipulating the
    share/bro/base/frameworks/notice/main.bro file, when I explicitly
    set the $path variables in there to my absolute path like
    "/var/log/bro/notice"

Some background I already found out:

  * it is said in the Bro documentation NOT to change any files in the
    directories (and its sub-folders) from share/bro EXCEPT the
    share/bro/site-folder
  * I found out, all the modules for which the DEFAULT path log-file
    generation is working somehow load (directly or indirectly) the
    base/utils/paths or the base/utils/site modules

What I want:

  * getting generated my notice.log file without specifiying an absolute
    path; only the file-name (just like as it works for the other log
    files in my /var/log/bro folder)

Please help me to get my notice.log file WITHOUT manipulating files
which one should not touch!

Thanks alot in advance!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20171216/8ac17bd9/attachment.html 


More information about the Bro mailing list