What is the best practice for disabling a Base script? For example, I would like to disable syslog monitoring all together. I have included the following in my local.bro:
This disables the logging of syslog messages, but does it prevent Bro from loading the base/protocols/syslog scripts? If not, what is the best practice for doing so? I’m trying to tune/tweak bro for best performance.