Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 14:48:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

FileAnalysis: replace script-layer IRC file analysis.

Browse source
This commit is contained in:
Jon Siwek 2013-03-27 14:02:20 -05:00
parent 7e895a3a2f
commit 27e47f0a57
7 changed files with 138 additions and 58 deletions
Download patch file Download diff file Expand all files Collapse all files

6
testing/btest/Baseline/scripts.base.protocols.irc.basic/irc.log
View file

@ -3,11 +3,11 @@
#empty_field (empty)
#unset_field -
#path irc
#open 2011-07-20-19-12-44
#open 2013-03-27-18-51-40
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p nick user command value addl dcc_file_name dcc_file_size extraction_file
#types time string addr port addr port string string string string string string count file
#types time string addr port addr port string string string string string string count string
1311189164.119437 UWkUyAuUGXf 192.168.1.77 57640 66.198.80.67 6667 - - NICK bloed - - - -
1311189164.119437 UWkUyAuUGXf 192.168.1.77 57640 66.198.80.67 6667 bloed - USER sdkfje sdkfje Montreal.QC.CA.Undernet.org dkdkrwq - - -
1311189174.474127 UWkUyAuUGXf 192.168.1.77 57640 66.198.80.67 6667 bloed sdkfje JOIN #easymovies (empty) - - -
1311189316.326025 UWkUyAuUGXf 192.168.1.77 57640 66.198.80.67 6667 bloed sdkfje DCC #easymovies (empty) ladyvampress-default(2011-07-07)-OS.zip 42208 -
#close 2011-07-20-19-15-42
#close 2013-03-27-18-51-40