[Zeek] Zeek and json output question

Allen, Brian brianallen at wustl.edu
Thu Jan 23 13:35:44 PST 2020


Hi All-
I want to run a test, but I don’t want to use all my zeek cluster data.  I do know how to output all my zeek logs in JSON output, but how can I output just a single log to JSON output (like the ftp.log<ftp://ftp.log>)?

What I’m looking for:  All the zeek logs output like normal (tab separated), PLUS the FTP log is output in JSON format as well.  Can I break one out or is it all or nothing?

Thank you,
-Brian


________________________________
The materials in this message are private and may contain Protected Healthcare Information or other information of a sensitive nature. If you are not the intended recipient, be advised that any unauthorized use, disclosure, copying or the taking of any action in reliance on the contents of this information is strictly prohibited. If you have received this email in error, please immediately notify the sender via telephone or return mail.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/zeek/attachments/20200123/cf030dc7/attachment.html 


More information about the Zeek mailing list