[Zeek] Mixed logging format and corrupt gz files

Mustafa Qasim alajal at gmail.com
Sun Mar 3 23:20:02 PST 2019


Hi,

I've a bro 2.6.1 instance running on CentOS 7. I encountered the following
error while trying to consume the rotated logs from the last couple of weeks. I've
json logging applied and all the current hour logs in the "logs/current"
are in json format.

I tried uncompressing a few log files from last week and observed that
only a few files at random are in json and the rest are in standard format.
There is no order in how the json logs appear.

Second, I'm unable to uncompress some logs and get the error "invalid
compressed data--format violated". This error is also random and doesn't
hint at a limited time overall system glitch.

Has anyone encountered such an issue?

------
*Mustafa Qasim*
PGP: C57E0A7C
<http://pgp.mit.edu/pks/lookup?op=get&search=0x0A9C8A5EC57E0A7C>