base/frameworks/logging/writers/sqlite.bro

LogSQLite

Interface for the SQLite log writer. Redefinable options are available to tweak the output format of the SQLite reader.

See Logging To and Reading From SQLite Databases for an introduction on how to use the SQLite log writer.

The SQL writer currently supports one writer-specific filter option via config: setting tablename sets the name of the table that is used or created in the SQLite database. An example for this is given in the introduction mentioned above.

Namespace:LogSQLite
Source File:/scripts/base/frameworks/logging/writers/sqlite.bro

Summary

Redefinable Options

LogSQLite::empty_field: string &redef String to use for empty fields.
LogSQLite::set_separator: string &redef Separator between set elements.
LogSQLite::unset_field: string &redef String to use for an unset &optional field.

Detailed Interface

Redefinable Options

LogSQLite::empty_field
Type:string
Attributes:&redef
Default:"(empty)"

String to use for empty fields. This should be different from unset_field to make the output unambiguous.

LogSQLite::set_separator
Type:string
Attributes:&redef
Default:","

Separator between set elements.

LogSQLite::unset_field
Type:string
Attributes:&redef
Default:"-"

String to use for an unset &optional field.

Copyright 2016, The Bro Project. Last updated on January 10, 2019. Created using Sphinx 1.7.5.