Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-08 09:38:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

FileAnalysis: add binary input reader and BIFs for sending in data.

Browse source 
This allows the input framework to feed files in to Bro for analysis.
This commit is contained in:
Jon Siwek 2013-03-06 12:59:54 -06:00
parent c330b46128
commit 00b2d34a8e
14 changed files with 399 additions and 29 deletions
Download patch file Download diff file Expand all files Collapse all files

6
scripts/base/frameworks/file-analysis/main.bro
View file

@ -51,8 +51,10 @@ export {
## from a container file as part of the analysis.
parent_file_id: string &log &optional;
## The network protocol over which the file was transferred.
protocol: string &log &optional;
## An identification of the source of the file data. E.g. it may be
## a network protocol over which it was transferred, or a local file
## path which was read, or some other input source.
source: string &log &optional;
## The set of connections over which the file was transferred,
## indicated by UID strings.