Logs Conversion

Shahzaib_Shah · August 5, 2019, 9:29am

Hi there.
I have been collecting log file using bro and all the log file that I received is in .log file and I logs in .json formate. Is there any way to convert that log files into .json formate?? any idea??

I am trying to convert this using " sudo bro -i wlp1s0 -e ‘redef LogAscii::use_json=T;’ "

But getting no result.?

thanks regards

Syed Shahzaib

ericooi · August 5, 2019, 3:34pm

You can edit /opt/bro/share/bro/site/local.bro (assuming you’ve installed it to /opt/bro) and add "@load policy/tuning/json-logs.bro” (without quotes) and then redeploy Bro.

Topic		Replies	Views
Question : How can I change a particular log file format? Zeek	3	82	May 6, 2022
Bro logs from JSON to TSV Zeek	7	386	May 6, 2022
bro output log in different file names and format Zeek	3	76	May 6, 2022
bro_json-logs Zeek	6	110	May 6, 2022
Mixed logging format and corrupt gz files Zeek	1	95	May 6, 2022

Logs Conversion

Related Topics