[Bro] saving packet content to disk

[Tom B]

Is there a way to save the packet content to disk, for example, when
detecting the http_header event matching certain criteria (host name), how
can I get the packet payload (http_entity_data ?) and save to disk in
binary form ?
Do I need to create custom writer ?

My apology for any confusion since I am new to BRO.

Thanks,
Tom
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20170606/953aff10/attachment.html