> Topic :) I'd like to have bro not dump non-rfc compliant syslog > messages in the weird file. How can I go about doing that? Thank you. Add a filter for the log might be an option: https://www.bro.org/sphinx-git/frameworks/logging.html#filter-log-records Jan