[Bro] Overwriting logs

Bowen Li newfire.bw at gmail.com
Tue Jun 26 19:52:24 PDT 2018


Hi John,
    I think bro just truncates the log file, maybe you can do something in
Ascii::DoInit function in file /logging/writers/ascii/Ascii.cc to get what
you need.
    Hope this will help you.

Bowen Li


john Y <yjohn9691 at gmail.com> wrote on Wed, Jun 27, 2018 at 4:21 AM:

> Hello all!
> Need advice about a problem I have:
>
> I am initiating many bro commands on dynamically incoming pcaps, such as:
> "bro -r some_file_name".
>
> On every run, logs are created in the same directory, but the next run
> rewrites those logs. How can bro create logs with a unique log name for each run?
>
> Also tried to add a timestamp to the log name but did not find how to get
> the current time.
>
> Love for your help,
> John
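
One way to keep the logs of separate `bro -r` runs apart without changing Bro itself, added here as an example and not part of either message: run every pcap from its own freshly created directory. It assumes bro writes its logs into the working directory, as the question describes; `run_bro_isolated`, `BRO_BIN` and `LOG_ROOT` are names made up for this sketch.

```shell
#!/bin/sh
# Added example: one directory per "bro -r" run, so a later run can never
# truncate the logs of an earlier one. BRO_BIN and LOG_ROOT are
# hypothetical knobs of this script, not Bro settings.
BRO_BIN="${BRO_BIN:-bro}"
LOG_ROOT="${LOG_ROOT:-./bro-runs}"

# run_bro_isolated PCAP  -> prints the directory holding this run's logs
run_bro_isolated() {
    pcap=$1
    [ -r "$pcap" ] || { echo "cannot read pcap: $pcap" >&2; return 1; }

    # bro is started from another directory, so resolve the pcap path first.
    pcap_abs="$(cd "$(dirname "$pcap")" && pwd)/$(basename "$pcap")"

    mkdir -p "$LOG_ROOT" || return 1
    stamp=$(date -u +%Y%m%dT%H%M%SZ)
    base="$LOG_ROOT/$(basename "$pcap").$stamp"

    # mkdir without -p fails when the directory already exists, so it works
    # as an atomic claim: two runs in the same second get different suffixes.
    n=0
    until mkdir "$base.$n" 2>/dev/null; do
        n=$((n + 1))
        [ "$n" -lt 1000 ] || { echo "no free run directory" >&2; return 1; }
    done
    run_dir="$base.$n"

    # The subshell keeps the cd local to this one bro invocation.
    ( cd "$run_dir" && "$BRO_BIN" -r "$pcap_abs" >bro.stdout 2>bro.stderr ) || {
        echo "bro failed for $pcap, see $run_dir/bro.stderr" >&2
        return 1
    }
    printf '%s\n' "$run_dir"
}

# Usage: for p in incoming/*.pcap; do run_bro_isolated "$p"; done
```

Keeping the pcap name and a UTC timestamp in the directory name lets the logs be traced back to the capture that produced them.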