Is there any way to determine the current bro version from the conn.log file?
I have an application that parses conn.logs and I don't currently see anything in the header that details a version number.
If your logs are in TSV format, the header information provides a schema:
In JSON, no such header or schema currently exists. I would suggest basing your processing on known fields and their types, e.g. based on the TSV output.
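An added example, not part of the original thread: one way to read the schema from a TSV log header and use it to type each row, so a parser keys off the declared fields and types instead of a version number. The sample log is constructed, and the function names `parse_tsv_log` and `convert` are hypothetical.

```python
import codecs

# Constructed sample: header layout as written by Bro's TSV (ASCII) log writer.
SAMPLE = "\n".join([
    "#separator \\x09",
    "#set_separator\t,",
    "#empty_field\t(empty)",
    "#unset_field\t-",
    "#path\tconn",
    "#fields\tts\tuid\tid.orig_h\tid.orig_p\tproto\tduration\ttunnel_parents",
    "#types\ttime\tstring\taddr\tport\tenum\tinterval\tset[string]",
    "1546300800.000000\tCabc123\t10.0.0.5\t49152\ttcp\t-\t(empty)",
    "#close\t2019-01-01-01-00-00",
])

def convert(value, typ, meta):
    """Turn one TSV cell into a Python value using the type named in #types."""
    if value == meta["unset_field"][0]:
        return None
    if typ.startswith(("set[", "vector[")):
        if value == meta["empty_field"][0]:
            return []
        inner = typ[typ.index("[") + 1:-1]
        return [convert(v, inner, meta) for v in value.split(meta["set_separator"][0])]
    if typ in ("port", "count", "int"):
        return int(value)
    if typ in ("time", "interval", "double"):
        return float(value)
    return value  # string, addr, subnet, enum, bool stay as text

def parse_tsv_log(text):
    """Return (header metadata, field->type schema, typed rows)."""
    meta = {"set_separator": [","], "empty_field": ["(empty)"], "unset_field": ["-"]}
    sep, rows = "\t", []
    for line in text.splitlines():
        if line.startswith("#separator"):
            # The separator is written escaped (\x09) after a literal space.
            sep = codecs.decode(line.split(" ", 1)[1], "unicode_escape")
        elif line.startswith("#"):
            key, *vals = line[1:].split(sep)
            meta[key] = vals
        elif line:
            cols = line.split(sep)
            if len(cols) != len(meta.get("fields", [])):
                raise ValueError("row does not match the #fields header")
            rows.append({f: convert(v, t, meta)
                         for f, t, v in zip(meta["fields"], meta["types"], cols)})
    schema = dict(zip(meta.get("fields", []), meta.get("types", [])))
    return meta, schema, rows
```

Calling `parse_tsv_log(SAMPLE)` returns the header directives, the field-to-type mapping, and the rows with unset (`-`) and empty (`(empty)`) values already normalized.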