[Zeek] syslog

Johanna Amann johanna at corelight.com
Wed Jun 24 15:48:06 PDT 2020


Hi Scot,

> Does zeek have support to send syslog events?

It has basic support to send stuff to syslog - there is a syslog 
function: 
https://docs.zeek.org/en/current/scripts/base/bif/zeek.bif.zeek.html#id-syslog

Note - this is not really nicely tied into anything. However it should 
in principle work - it is a very thin layer around the libc syslog call.

Johanna
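
An added example, not part of the original message and not code from the Zeek project: one way to tie the `syslog` function mentioned above into the notice framework, so that each logged notice also goes to the local syslog daemon. The module name `NoticeSyslog`, the options `forward_types` and `max_len`, and the `key=value` line layout are assumptions made for this sketch.

```zeek
# Added example: mirror Zeek notices to the local syslog daemon.
@load base/frameworks/notice

module NoticeSyslog;

export {
	## Assumed knob: notice types to forward. An empty set forwards all.
	option forward_types: set[Notice::Type] = {};

	## Assumed knob: cap on message length, to stay well below
	## common syslog line limits.
	option max_len: count = 900;
}

# Build one key=value line from a notice. Free-text fields pass through
# clean() so embedded newlines or control bytes taken from network
# traffic cannot split or forge syslog lines.
function render(n: Notice::Info): string
	{
	local line = fmt("zeek_notice type=%s", n$note);

	if ( n?$src )
		line += fmt(" src=%s", n$src);
	if ( n?$dst )
		line += fmt(" dst=%s", n$dst);
	if ( n?$msg )
		line += fmt(" msg=\"%s\"", clean(n$msg));
	if ( n?$sub )
		line += fmt(" sub=\"%s\"", clean(n$sub));

	if ( |line| > max_len )
		line = line[0:max_len];

	return line;
	}

# Notice::log_notice fires for every notice written to notice.log.
event Notice::log_notice(rec: Notice::Info)
	{
	if ( |forward_types| > 0 && rec$note !in forward_types )
		return;

	# syslog() takes only the message string; it is a thin layer over
	# the libc call, so delivery depends on the host's syslog daemon.
	syslog(render(rec));
	}
```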

