Hi,
Is it possible to receive Bro events with a syslog daemon?
Is it possible to code a function that converts all events in the same function?
(and in this new function, choose syslog / stdout / stderr ...)
Regards
> Is it possible to receive Bro events with a syslog daemon?
Sorry, I don't fully get it -- do you mean generating events from syslog
or dumping events to syslog?
If it's the latter, a little hack can make it possible -- all events go
through EventMgr (see Event.cc). However, you may want to be careful in
printing the event parameters, some are large chunks of data, e.g. in
event http_entity_data.
Ruoming
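
The caveat in the reply above, as an added example that is not part of the original thread and is not Bro source code: a stand-alone formatter that caps each event parameter and escapes control bytes before the line goes to syslog(3). `DumpedEvent`, `render_arg`, `format_event`, `dump_to_syslog` and the 64-byte cap are hypothetical names and values; the hook into EventMgr itself is not shown.

```cpp
#include <syslog.h>
#include <cstdio>
#include <string>
#include <vector>

// Hypothetical stand-in for an event seen at the dispatch point (not a Bro type).
struct DumpedEvent {
    std::string name;
    std::vector<std::string> args;  // parameters already rendered as raw bytes
};

const size_t kMaxArgBytes = 64;  // assumed per-parameter cap

// Cap one parameter and escape bytes that could split or forge a syslog line.
std::string render_arg(const std::string& raw) {
    std::string out;
    size_t n = raw.size() < kMaxArgBytes ? raw.size() : kMaxArgBytes;
    for (size_t i = 0; i < n; ++i) {
        unsigned char c = static_cast<unsigned char>(raw[i]);
        char buf[16];
        if (c == '\\') out += "\\\\";
        else if (c >= 0x20 && c < 0x7f) out += static_cast<char>(c);
        else { std::snprintf(buf, sizeof buf, "\\x%02x", static_cast<unsigned>(c)); out += buf; }
    }
    if (raw.size() > kMaxArgBytes)
        out += "...[" + std::to_string(raw.size() - kMaxArgBytes) + " more bytes]";
    return out;
}

// One line per event: name(arg, arg, ...)
std::string format_event(const DumpedEvent& ev) {
    std::string line = ev.name + "(";
    for (size_t i = 0; i < ev.args.size(); ++i)
        line += (i ? ", " : "") + render_arg(ev.args[i]);
    return line + ")";
}

void dump_to_syslog(const DumpedEvent& ev) {
    // "%s" keeps event data out of the format string.
    syslog(LOG_INFO, "%s", format_event(ev).c_str());
}

int main() {
    openlog("bro", LOG_PID, LOG_DAEMON);
    // Constructed sample: an oversized payload ending in a newline.
    DumpedEvent ev{"http_entity_data", {"192.0.2.10", std::string(300, 'A') + "\n"}};
    dump_to_syslog(ev);
    std::printf("%s\n", format_event(ev).c_str());
}
```
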
Thanks, Ruoming, for the quick answers.
Yes, my question is how to dump Bro events to syslog.
I have another question:
How can Bro events be received in a centralized management console?
(syslog / redir stdout / *sql* / bro_tunnel / ...?)
Like Snort/ACID?
Thanks again
Regards