Hi,
Is there a way to use “bro-cut -d” automatically during log parsing so when I open the Bro Logs, they’re all in EST instead of Epoch?
Thanks in advance,
You could create a shell script wrapper that contains this:
bro-cut -d "$@"
And then just use that script instead of bro-cut.
Thank you,
I’ll take a look at this.