Package: base/frameworks/logging/postprocessors
Support for postprocessors in the logging framework.
base/frameworks/logging/postprocessors/__load__.zeek
base/frameworks/logging/postprocessors/scp.zeek
This script defines a postprocessing function that can be applied to a logging filter in order to automatically SCP (secure copy) a log stream (or a subset of it) to a remote host at configurable rotation time intervals. Generally, to use this functionality you must handle the zeek_init event and do the following in your handler:
1. Create a new Log::Filter record that defines a name/path, rotation interval, and set the postprocessor to Log::scp_postprocessor.
2. Add the filter to a logging stream using Log::add_filter.
3. Add a table entry to Log::scp_destinations for the filter’s writer/path pair which defines a set of Log::SCPDestination records.
base/frameworks/logging/postprocessors/sftp.zeek
This script defines a postprocessing function that can be applied to a logging filter in order to automatically SFTP a log stream (or a subset of it) to a remote host at configurable rotation time intervals. Generally, to use this functionality you must handle the zeek_init event and do the following in your handler:
1. Create a new Log::Filter record that defines a name/path, rotation interval, and set the postprocessor to Log::sftp_postprocessor.
2. Add the filter to a logging stream using Log::add_filter.
3. Add a table entry to Log::sftp_destinations for the filter’s writer/path pair which defines a set of Log::SFTPDestination records.
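
The three steps above, for both the SCP and the SFTP postprocessor, as an added example that is not taken from the Zeek distribution. The filter names and paths, the zeekxfer account, the host logs.example.net and the remote directory are placeholders, and non-interactive SSH key authentication for that account is assumed to be set up already.

```zeek
@load base/protocols/conn
@load base/protocols/dns
@load base/frameworks/logging/postprocessors

event zeek_init()
	{
	# Step 1: a filter with its own name/path, a rotation interval, and the
	# SCP postprocessor. $include restricts the copy to a subset of the
	# conn.log columns, so only those fields leave the sensor.
	local scp_filter: Log::Filter = [
		$name="conn-scp",
		$path="conn_scp",
		$interv=1hr,
		$include=set("ts", "uid", "id.orig_h", "id.resp_h", "id.resp_p", "proto"),
		$postprocessor=Log::scp_postprocessor];

	# Step 2: attach the filter to the connection log stream.
	Log::add_filter(Conn::LOG, scp_filter);

	# Step 3: destinations are keyed by the filter's (writer, path) pair.
	# All values below are placeholders.
	Log::scp_destinations[Log::WRITER_ASCII, "conn_scp"] = set(
		Log::SCPDestination($user="zeekxfer",
		                    $host="logs.example.net",
		                    $path="/srv/zeek/incoming"));

	# The same three steps with the SFTP postprocessor, here on the DNS log
	# with a shorter rotation interval.
	local sftp_filter: Log::Filter = [
		$name="dns-sftp",
		$path="dns_sftp",
		$interv=30min,
		$postprocessor=Log::sftp_postprocessor];

	Log::add_filter(DNS::LOG, sftp_filter);

	Log::sftp_destinations[Log::WRITER_ASCII, "dns_sftp"] = set(
		Log::SFTPDestination($user="zeekxfer",
		                     $host="logs.example.net",
		                     $path="/srv/zeek/incoming"));
	}
```

The destination table key must match the filter's writer and path exactly; a filter whose pair has no entry in the table has nowhere to send its rotated files.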