[Bro] Disable Log Stream but not the analyzers
Azoff, Justin S
jazoff at illinois.edu
Wed Nov 21 13:03:23 PST 2018
Hi,
Using
Log::remove_default_filter(HTTP::LOG);
instead of disable_stream should do what you want.
________________________________
From: bro-bounces at bro.org <bro-bounces at bro.org> on behalf of Alex Kefallonitis <al.kefallonitis at gmail.com>
Sent: Wednesday, November 21, 2018 4:28:32 AM
To: Bro at bro.org
Subject: [Bro] Disable Log Stream but not the analyzers
I have disabled the Log Stream for HTTP :
event bro_init()
{
Log::disable_stream(HTTP::LOG);
}
But i want scripts using HTTP protocol to work e.g https://raw.githubusercontent.com/sethhall/bro-scripts/master/top-websites.bro<https://urldefense.proofpoint.com/v2/url?u=https-3A__raw.githubusercontent.com_sethhall_bro-2Dscripts_master_top-2Dwebsites.bro&d=DwMFaQ&c=OCIEmEwdEq_aNlsP4fF3gFqSN-E3mlr2t9JcDdfOZag&r=JB1gr8Q2U3j_GvRbWa2WDpXSSrvReahkLBFDmdXlCh0&m=Upw7RnEppKcwibJKc4KDIUBeI-V2RkeYtIWL5FNnXH0&s=CC6T1M5j865G11CwDqWWObidSeRZpMkhelQhnJtSHXw&e=>
Is there any other way to do it ?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20181121/6ff6c75e/attachment.html
More information about the Bro
mailing list