[Bro] Send BRO logs over TCP/UDP

Sherif Eldeeb archeldeeb at gmail.com
Sun Jul 16 00:15:13 PDT 2017


I am aware that there are many ways to send bro logs to syslog/SIEM/etc.,
but as far as I understand they're all relying on reading/tailing the log
files created by bro then send them over to their destination (e.g.
logstash & NiFi).

Is it possible to send logs over TCP/UDP without having them written to
disk to be read by a third party app?

Thanks.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20170716/05af24fb/attachment.html 


More information about the Bro mailing list