On Fri, Apr 29, 2011 at 5:05 PM, Seth Hall <[email protected]> wrote: > > > On Apr 29, 4:08 pm, "dan (ddp)" <[email protected]> wrote: > >> The rules as written required bro-ids to alert via syslog, watching >> the individual bro-ids logs would be quite intensive and not all of >> the formats were really easily parsed. > > This is changing for the next release of Bro which will use tab > separated columns as the default for text based output. The new logs > will be much more comprehensive than the old logs and much easier to > parse. :) > > .Seth >
Is this the 1.6 branch? Sounds really nice! Can't wait. > -- > Seth Hall > International Computer Science Institute > (Bro) because everyone has a network > http://www.bro-ids.org/ >
