45 lines
1.9 KiB
ReStructuredText
45 lines
1.9 KiB
ReStructuredText
:orphan:
|
|
|
|
Package: base/frameworks/logging/postprocessors
|
|
===============================================
|
|
|
|
Support for postprocessors in the logging framework.
|
|
|
|
:doc:`/scripts/base/frameworks/logging/postprocessors/__load__.zeek`
|
|
|
|
|
|
:doc:`/scripts/base/frameworks/logging/postprocessors/scp.zeek`
|
|
|
|
This script defines a postprocessing function that can be applied
|
|
to a logging filter in order to automatically SCP (secure copy)
|
|
a log stream (or a subset of it) to a remote host at configurable
|
|
rotation time intervals. Generally, to use this functionality
|
|
you must handle the :zeek:id:`zeek_init` event and do the following
|
|
in your handler:
|
|
|
|
1) Create a new :zeek:type:`Log::Filter` record that defines a name/path,
|
|
rotation interval, and set the ``postprocessor`` to
|
|
:zeek:id:`Log::scp_postprocessor`.
|
|
2) Add the filter to a logging stream using :zeek:id:`Log::add_filter`.
|
|
3) Add a table entry to :zeek:id:`Log::scp_destinations` for the filter's
|
|
writer/path pair which defines a set of :zeek:type:`Log::SCPDestination`
|
|
records.
|
|
|
|
:doc:`/scripts/base/frameworks/logging/postprocessors/sftp.zeek`
|
|
|
|
This script defines a postprocessing function that can be applied
|
|
to a logging filter in order to automatically SFTP
|
|
a log stream (or a subset of it) to a remote host at configurable
|
|
rotation time intervals. Generally, to use this functionality
|
|
you must handle the :zeek:id:`zeek_init` event and do the following
|
|
in your handler:
|
|
|
|
1) Create a new :zeek:type:`Log::Filter` record that defines a name/path,
|
|
rotation interval, and set the ``postprocessor`` to
|
|
:zeek:id:`Log::sftp_postprocessor`.
|
|
2) Add the filter to a logging stream using :zeek:id:`Log::add_filter`.
|
|
3) Add a table entry to :zeek:id:`Log::sftp_destinations` for the filter's
|
|
writer/path pair which defines a set of :zeek:type:`Log::SFTPDestination`
|
|
records.
|
|
|