[Bro] Disabling an analyzer in weird
James Lay
jlay at slave-tothe-box.net
Sat Mar 11 15:36:20 PST 2017
Thanks a bunch Jan...I'll give that a test and report my findings ☺
James
On Sat, 2017-03-11 at 21:46 +0100, Jan Grashöfer wrote:
> Hi James,
>
> > Well I'm certainly close. Thanks to the redef I'm able to squelch out a
> > lot of noise, but alas, not the binpac exception. If I disable the
> > analyzer I don't get any syslog.log file, so that's not what I need in
> > this case. I'll keep digging..thanks again for all the help.
>
> If that particular notice is not listed in Weird::actions you can still
> just filter manually. Something like that might work for you:
> http://try.bro.org/#/trybro/saved/130377
>
> Jan
> _______________________________________________
> Bro mailing list
> bro at bro-ids.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro
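
Added example, not part of the original thread and not the contents of the try.bro.org link: one way to filter weird.log manually with a log filter predicate, as suggested above, for a weird that Weird::actions does not cover. It assumes Bro 2.5-era scripting; the module name, option names and weird names are hypothetical placeholders to be replaced with the exact value from the "name" column of your own weird.log.

```bro
# Added example (not from the thread). All names below are placeholders.
module SuppressWeird;

export {
	## Exact weird names to keep out of weird.log (placeholder value).
	const suppressed_names: set[string] = {
		"PLACEHOLDER_exact_weird_name",
	} &redef;

	## Substring pattern for weirds whose name carries variable text
	## (placeholder value).
	const suppressed_pattern: pattern = /PLACEHOLDER_weird_prefix/ &redef;
}

# Log filter predicate: return F to drop the record, T to write it.
function keep_weird(rec: Weird::Info): bool
	{
	if ( rec$name in suppressed_names )
		return F;

	# "pattern in string" is a substring match.
	if ( suppressed_pattern in rec$name )
		return F;

	return T;
	}

event bro_init()
	{
	# Re-adding a filter under the same name replaces the existing one,
	# so weird.log keeps its path and columns and only gains the predicate.
	local f = Log::get_filter(Weird::LOG, "default");
	f$pred = keep_weird;
	Log::add_filter(Weird::LOG, f);
	}
```

The predicate only controls what the default filter writes to weird.log; the analyzer stays enabled, so syslog.log is still produced.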