On 11/6/17 8:16 AM, Seth Hall wrote:
Right now, Bro will print scientific notation in JSON
logs but we've
always tended to avoid it in the standard Bro log format. What does
everyone think about switching to allow scientific notation in the
standard log format? Daniel recently did some exploration of various
versions of awk and they all support scientific notation (I think that
was part of my concern a long time ago).
Actually, right now Bro uses scientific notation in JSON logs only
for very large values (such as 3.1e+15). For values very close to
zero (such as 1.2e-7), Bro will write "0" to a JSON log.