[Bro] Missing notice.log, have weird.log
Kenneth Goldman
kgoldman at us.ibm.com
Fri Jun 2 09:53:22 PDT 2017
> From: Seth Hall <seth at corelight.com>
> To: Kenneth Goldman <kgoldman at us.ibm.com>
> Cc: bro <bro at bro.org>
> Date: 05/31/2017 03:20 PM
> Subject: Re: [Bro] Missing notice.log, have weird.log
>
> On Wed, May 31, 2017 at 2:31 PM, Kenneth Goldman <kgoldman at us.ibm.com>
wrote:
> > The quick starter refers to a notice.log file. It's not being
created.
>
> Logs in Bro are created when they are written to. It's like that none
> of the scripts you have loaded are generating notices.
Should it generate notices "out of the box"? I have not done any
customization.
notice/main.bro says this, which I read to mean ignore nothing.
const ignored_types: set[Notice::Type] = {} &redef;
If I have to customize something to get notices, is there a tutorial
on how to do that?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20170602/f9ee0677/attachment-0001.html
More information about the Bro
mailing list