-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathsyslog-ng-addon.txt
24 lines (22 loc) · 1.6 KB
/
syslog-ng-addon.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
source s_bro_ftp { file("/nsm/bro/logs/current/ftp.log" flags(no-parse) program_override("bro_ftp")); };
source s_bro_weird { file("/nsm/bro/logs/current/weird.log" flags(no-parse) program_override("bro_weird")); };
source s_bro_tunnel { file("/nsm/bro/logs/current/tunnel.log" flags(no-parse) program_override("bro_tunnel")); };
source s_bro_software { file("/nsm/bro/logs/current/software.log" flags(no-parse) program_override("bro_software")); };
source s_bro_ssh { file("/nsm/bro/logs/current/ssh.log" flags(no-parse) program_override("bro_ssh")); };
source s_bro_syslog { file("/nsm/bro/logs/current/syslog.log" flags(no-parse) program_override("bro_syslog")); };
source s_bro_irc { file("/nsm/bro/logs/current/irc.log" flags(no-parse) program_override("bro_irc")); };
source s_bro_known_cert { file("/nsm/bro/logs/current/known_cert.log" flags(no-parse) program_override("bro_known_cert")); };
source s_bro_known_hosts { file("/nsm/bro/logs/current/known_hosts.log" flags(no-parse) program_override("bro_known_hosts")); };
source s_bro_known_services { file("/nsm/bro/logs/current/known_services.log" flags(no-parse) program_override("bro_known_services")); };
source s_bro_capture_loss { file("/nsm/bro/logs/current/capture_loss.log" flags(no-parse) program_override("bro_capture_loss")); };
source(s_bro_ftp);
source(s_bro_weird);
source(s_bro_tunnel);
source(s_bro_software);
source(s_bro_ssh);
source(s_bro_syslog);
source(s_bro_irc);
source(s_bro_known_cert);
source(s_bro_known_hosts);
source(s_bro_known_services);
source(s_bro_capture_loss);