[prev in list] [next in list] [prev in thread] [next in thread]
List: security-onion
Subject: Re: [security-onion] how to disable files.log and weird.log?
From: Ryan KJ <koegel.jones () gmail ! com>
Date: 2020-06-20 7:44:51
Message-ID: CAMsEu7xPhek_A-G=FgH=v9LNv36Dw=Ec=-_TfdV-vW5dZKecvw () mail ! gmail ! com
[Download RAW message or body]
If you get a file with the script below loaded in your local.bro, it should
disable the logs.
# Example to disable stream entirely.
event zeek_init()
{
Log::disable_stream(FILES::LOG);
Log::disable_stream(WEIRD::LOG);
}
On Sat, Jun 20, 2020, 09:13 gary tan <gary12315@126.com> wrote:
> I want to disable files.log and weird.log.But I cannot find how to disable
> its,please help!
>
> --
> Follow Security Onion on Twitter!
> https://twitter.com/securityonion
> ---
> You received this message because you are subscribed to the Google Groups
> "security-onion" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to security-onion+unsubscribe@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/security-onion/ffa6baa9-ca23-486b-a17c-1a00e07a2408o%40googlegroups.com
> <https://groups.google.com/d/msgid/security-onion/ffa6baa9-ca23-486b-a17c-1a00e07a2408o%40googlegroups.com?utm_medium=email&utm_source=footer>
>
> .
>
--
Follow Security Onion on Twitter!
https://twitter.com/securityonion
---
You received this message because you are subscribed to the Google Groups \
"security-onion" group. To unsubscribe from this group and stop receiving emails from \
it, send an email to security-onion+unsubscribe@googlegroups.com. To view this \
discussion on the web visit \
https://groups.google.com/d/msgid/security-onion/CAMsEu7xPhek_A-G%3DFgH%3Dv9LNv36Dw%3DEc%3D-_TfdV-vW5dZKecvw%40mail.gmail.com.
[Attachment #3 (text/html)]
<div dir="auto"><p dir="ltr" \
style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><font face="arial"><span \
style="font-size:14.6667px;white-space:pre-wrap">If you get a file with the script \
below loaded in your local.bro, it should disable the logs. </span></font></p><p \
dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span \
style="font-size:11pt;font-family:arial;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap"><br></span></p><p \
dir="ltr" style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span \
style="font-size:11pt;font-family:arial;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap"># \
Example to disable stream entirely. </span></p><br><p dir="ltr" \
style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span \
style="font-size:11pt;font-family:arial;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap">event \
zeek_init()</span></p><p dir="ltr" \
style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span \
style="font-size:11pt;font-family:arial;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap"> \
{</span></p><p dir="ltr" \
style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span \
style="font-size:11pt;font-family:arial;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap"> \
Log::disable_stream(FILES::LOG);</span></p><p dir="ltr" \
style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span \
style="font-size:11pt;font-family:arial;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap"> \
Log::disable_stream(WEIRD::LOG);</span></p><p dir="ltr" \
style="line-height:1.38;margin-top:0pt;margin-bottom:0pt"><span \
style="font-size:11pt;font-family:arial;font-variant-numeric:normal;font-variant-east-asian:normal;vertical-align:baseline;white-space:pre-wrap"> \
}</span></p><div dir="auto"><br></div><div dir="auto"><br></div><br><div \
class="gmail_quote" dir="auto"><div dir="ltr" class="gmail_attr">On Sat, Jun 20, \
2020, 09:13 gary tan <<a href="mailto:gary12315@126.com">gary12315@126.com</a>> \
wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 \
.8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><font size="4">I \
want to disable files.log and weird.log.But I cannot find how to disable its,please \
help!</font></div>
<p></p>
-- <br>
Follow Security Onion on Twitter!<br>
<a href="https://twitter.com/securityonion" target="_blank" \
rel="noreferrer">https://twitter.com/securityonion</a><br>
--- <br>
You received this message because you are subscribed to the Google Groups \
"security-onion" group.<br> To unsubscribe from this group and stop \
receiving emails from it, send an email to <a \
href="mailto:security-onion+unsubscribe@googlegroups.com" target="_blank" \
rel="noreferrer">security-onion+unsubscribe@googlegroups.com</a>.<br> To view this \
discussion on the web visit <a \
href="https://groups.google.com/d/msgid/security-onion/ffa6baa9-ca23-486b-a17c-1a00e07a2408o%40googlegroups.com?utm_medium=email&utm_source=footer" \
target="_blank" rel="noreferrer">https://groups.google.com/d/msgid/security-onion/ffa6baa9-ca23-486b-a17c-1a00e07a2408o%40googlegroups.com</a>.<br>
</blockquote></div></div>
<p></p>
-- <br />
Follow Security Onion on Twitter!<br />
<a href="https://twitter.com/securityonion">https://twitter.com/securityonion</a><br \
/>
--- <br />
You received this message because you are subscribed to the Google Groups \
"security-onion" group.<br /> To unsubscribe from this group and stop \
receiving emails from it, send an email to <a \
href="mailto:security-onion+unsubscribe@googlegroups.com">security-onion+unsubscribe@googlegroups.com</a>.<br \
/> To view this discussion on the web visit <a \
href="https://groups.google.com/d/msgid/security-onion/CAMsEu7xPhek_A-G%3DFgH%3Dv9LNv3 \
6Dw%3DEc%3D-_TfdV-vW5dZKecvw%40mail.gmail.com?utm_medium=email&utm_source=footer">http \
s://groups.google.com/d/msgid/security-onion/CAMsEu7xPhek_A-G%3DFgH%3Dv9LNv36Dw%3DEc%3D-_TfdV-vW5dZKecvw%40mail.gmail.com</a>.<br \
/>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic