[Bro] bro http message verbosity

[Mehmet EKICI]

Hi All,
Ping ?

From: bro-bounces at bro.org [mailto:bro-bounces at bro.org] On Behalf Of Mehmet EKICI
Sent: Monday, November 27, 2017 3:24 PM
To: bro at bro.org
Subject: [Bro] bro http message verbosity

Hi All,
We are trying to use bro to monitor http messages on a wire. We are getting very coarse logs and wonder how can we increase verbosity to see all the parsed message details in the log.

Bro version is 2.4.1

Here are some example  messages we get;

{"ts":"2017-11-27T12:14:29.850476Z","uid":"CvtiHbXu0dt9pdFMa","id.orig_h":"10.2.150.237","id.orig_p":42798,"id.resp_h":"10.2.150.226","id.resp_p":9441,"name":"inappropriate_FIN","notice":false,"peer":"bro"}
{"ts":"2017-11-27T12:14:33.578491Z","uid":"CuGJzp3JYtJLxu3NN1","id.orig_h":"10.2.150.226","id.orig_p":54376,"id.resp_h":"10.2.150.228","id.resp_p":6188,"name":"active_connection_reuse","notice":false,"peer":"bro"}
{"ts":"2017-11-27T12:14:33.578491Z","uid":"COJykR3r39KwcvIPae","id.orig_h":"10.2.150.228","id.orig_p":6188,"id.resp_h":"10.2.150.226","id.resp_p":54376,"name":"data_before_established","notice":false,"peer":"bro"}
{"ts":"2017-11-27T12:14:41.454466Z","uid":"CuKy3C1TkabD0KvC26","id.orig_h":"10.2.150.227","id.orig_p":38672,"id.resp_h":"10.2.150.226","id.resp_p":8020,"name":"data_before_established","notice":false,"peer":"bro"}
{"ts":"2017-11-27T12:14:43.578437Z","uid":"CFLCdn2bwXadx8g0al","id.orig_h":"10.2.150.226","id.orig_p":54378,"id.resp_h":"10.2.150.228","id.resp_p":6188,"name":"active_connection_reuse","notice":false,"peer":"bro"}
{"ts":"2017-11-27T12:14:43.578437Z","uid":"CKZBqUlmUlkdtvMDd","id.orig_h":"10.2.150.228","id.orig_p":6188,"id.resp_h":"10.2.150.226","id.resp_p":54378,"name":"data_before_established","notice":false,"peer":"bro"}

Regards,
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20171128/b9b97ada/attachment.html