[Zeek] Generate New Log using Customized Script
Muhammad Hasif Sulaiman
hasifsulaiman94 at gmail.com
Thu May 23 19:09:59 PDT 2019
Hi,
I need help with some script i customized. Basically the script is to log
http header. I don't want to mess the original http log, so i tried to
create a new log file to log some field similar with the original http log
along with the http header. I tested the script on http://try.bro.org and
was able to execute the script, also I tested the script to analyze live
traffic from an interface using "*bro -i en0 <list of scripts to load>*"
command with success. But when i load the script on local.bro and restart
bro service, the logger crashed. I'm not sure if the script is the cause or
something else is.
on local.bro file i have included *@load protocols/http/httpheaders line*.
The script is located
*/usr/src/bro-2.6.1/scripts/base/protocols/http/httpheaders.bro*
Thanks
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/zeek/attachments/20190524/7a897a9f/attachment.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: httpheaders.bro
Type: application/octet-stream
Size: 6139 bytes
Desc: not available
Url : http://mailman.ICSI.Berkeley.EDU/pipermail/zeek/attachments/20190524/7a897a9f/attachment.obj
More information about the Zeek
mailing list