[Oisf-users] eve.log and event types

[Vieri]

________________________________
> From: Jason Ish <lists at unx.ca>

> Yes, you're going to have to edit the yaml. The set doesn't play nicely with lists, it might be 

> possible if these had "enabled" flags, but they don't. Their existence in the list enables them.

Too bad.

> Another option is to create a new YAML that includes the default, then re-define the outputs section.


Not bad.
I think I'll use this solution.

Thanks,

Vieri