Logging in multiple formats

Carl_Forsythe · April 5, 2016, 1:59am

Hi All,
I’ve seen examples in how you can log everything in JSON, individual logs in JSON, or everything in the regular log format. I have a use case in which I would like to be able to log output in both JSON and the regular log format as I have a set of consumers that easily ingest JSON and a set that doesn’t enjoy it quite so much.

Is there a way to log in both formats easily similar to how Suricata can emit both JSON and other log types all at once?

Thanks,
Carl

Jan · April 5, 2016, 11:42am

Hi Carl,

Is there a way to log in both formats easily similar to how Suricata can
emit both JSON and other log types all at once?

once I ran into the same problem and wrote a small script that might
help: Additional JSON logging for Bro. · GitHub

It adds a filter to generate additional JSON logs for the configured log
streams.

Hope this helps,
Jan

Topic		Replies	Views
Multiple log streams Zeek	1	55	May 6, 2022
Writing logs to both ACII and JSON Zeek	11	61	May 6, 2022
Multiple log streams Zeek	2	61	May 6, 2022
bro output log in different file names and format Zeek	3	60	May 6, 2022
Store ASCII and JSON output format at the same time Zeek	4	54	May 6, 2022

Logging in multiple formats

Related Topics