This change was needed to enable Bro's output as JSON logs. This log format is easier to parse in Python and it better supports further development, extraction of useful traffic metadata, etc. The code of the logparser.py module is now easier to read and understand.
Type of change
Please delete options that are not relevant.
[ ] New feature (non-breaking change which adds functionality)
How Has This Been Tested?
[ ] All alert types were tested using my RPi 3 dev device.
Test Configuration: