=================
List of Log Files
=================

As a monitoring tool, Bro records a detailed view of the traffic inspected 
and the events generated in a series of relevant log files. These files can 
later be reviewed for monitoring, auditing and troubleshooting purposes.

Listed below are the log files generated by Bro, a brief description of the 
log file, and links to descriptions of some of the fields for each log type.

+-----------------+---------------------------------------+------------------------------+
| Log File        | Description                           | Field Descriptions           |
+=================+=======================================+==============================+
| http.log        | Shows all HTTP requests and replies   | :bro:type:`HTTP::Info`       |
+-----------------+---------------------------------------+------------------------------+
| ftp.log         | Records FTP activity                  | :bro:type:`FTP::Info`        |
+-----------------+---------------------------------------+------------------------------+
| ssl.log         | Records SSL sessions including        | :bro:type:`SSL::Info`        |
|                 | certificates used                     |                              |
+-----------------+---------------------------------------+------------------------------+
| known_certs.log | Includes SSL certificates used        | :bro:type:`Known::CertsInfo` |
+-----------------+---------------------------------------+------------------------------+
| smtp.log        | Summarizes SMTP traffic on a network  | :bro:type:`SMTP::Info`       |
+-----------------+---------------------------------------+------------------------------+
| dns.log         | Shows all DNS activity on a network   | :bro:type:`DNS::Info`        |
+-----------------+---------------------------------------+------------------------------+
| conn.log        | Records all connections seen by Bro   | :bro:type:`Conn::Info`       |
+-----------------+---------------------------------------+------------------------------+
| dpd.log         | Shows network activity on             | :bro:type:`DPD::Info`        |
|                 | non-standard ports                    |                              |
+-----------------+---------------------------------------+------------------------------+
| files.log       | Records information about all files   | :bro:type:`Files::Info`      |
|                 | transmitted over the network          |                              |
+-----------------+---------------------------------------+------------------------------+
| weird.log       | Records unexpected protocol-level     | :bro:type:`Weird::Info`      |
|                 | activity                              |                              |
+-----------------+---------------------------------------+------------------------------+