Thank you for the response!
I just completed setting syslog-ng and now have the log files sending via syslog to Log Siphon now.
I agree, that it would be great to have it built into the framework directly.
Have a good day!
From: Jesse Bowling [mailto:email@example.com]
Sent: Wednesday, February 27, 2013 1:54 PM
To: Ron Jenkins
Subject: Re: [Bro] Bro IDS logging via Syslog
There is almost certainly a better way to do it within the Bro framework itself, but another option might be to use built in (?) rsyslog:
About halfway down there are instructions for using rsyslog's imfile module to syslog Bro's logs...
On Wed, Feb 27, 2013 at 1:51 PM, Ron Jenkins <firstname.lastname@example.org> wrote:
Is there a way to have Bro v2.1 send via Syslog along with a log file?
Ron Jenkins (SnortCP, VCP (3/4), MCNE, CNE6, MCP,CCNA)
RMJ Consulting, LLC. "Bringing Companies and Solutions Together"
Makers of Active Response System(ARS) & Log Siphon
Owner / Senior Architect
11715 Bricksome Ave STE B-7
Baton Rouge, LA 70816
7575 Jefferson Hwy #103
Baton Rouge, LA 70806
Log Siphon. http://www.logsiphon.com
Bro mailing list