mirror of
https://github.com/zeek/zeek.git
synced 2025-10-11 19:18:19 +00:00
Change doc/ subdir into a git submodule
The docs now live at https://github.com/zeek/zeek-docs
This commit is contained in:
parent
0d685efbf5
commit
2ff746fea7
693 changed files with 26 additions and 105609 deletions
|
@ -1,23 +0,0 @@
|
|||
:tocdepth: 3
|
||||
|
||||
policy/frameworks/intel/do_expire.bro
|
||||
=====================================
|
||||
.. bro:namespace:: Intel
|
||||
|
||||
This script enables expiration for intelligence items.
|
||||
|
||||
:Namespace: Intel
|
||||
:Imports: :doc:`base/frameworks/intel </scripts/base/frameworks/intel/index>`
|
||||
|
||||
Summary
|
||||
~~~~~~~
|
||||
Redefinitions
|
||||
#############
|
||||
========================================================================= =
|
||||
:bro:id:`Intel::item_expiration`: :bro:type:`interval` :bro:attr:`&redef`
|
||||
========================================================================= =
|
||||
|
||||
|
||||
Detailed Interface
|
||||
~~~~~~~~~~~~~~~~~~
|
||||
|
|
@ -1,24 +0,0 @@
|
|||
:tocdepth: 3
|
||||
|
||||
policy/frameworks/intel/do_notice.bro
|
||||
=====================================
|
||||
.. bro:namespace:: Intel
|
||||
|
||||
This script enables notice generation for intelligence matches.
|
||||
|
||||
:Namespace: Intel
|
||||
:Imports: :doc:`base/frameworks/intel </scripts/base/frameworks/intel/index>`, :doc:`base/frameworks/notice </scripts/base/frameworks/notice/index>`
|
||||
|
||||
Summary
|
||||
~~~~~~~
|
||||
Redefinitions
|
||||
#############
|
||||
=============================================== =
|
||||
:bro:type:`Intel::MetaData`: :bro:type:`record`
|
||||
:bro:type:`Notice::Type`: :bro:type:`enum`
|
||||
=============================================== =
|
||||
|
||||
|
||||
Detailed Interface
|
||||
~~~~~~~~~~~~~~~~~~
|
||||
|
|
@ -1,14 +0,0 @@
|
|||
:tocdepth: 3
|
||||
|
||||
policy/frameworks/intel/seen/__load__.bro
|
||||
=========================================
|
||||
|
||||
|
||||
:Imports: :doc:`policy/frameworks/intel/seen/conn-established.bro </scripts/policy/frameworks/intel/seen/conn-established.bro>`, :doc:`policy/frameworks/intel/seen/dns.bro </scripts/policy/frameworks/intel/seen/dns.bro>`, :doc:`policy/frameworks/intel/seen/file-hashes.bro </scripts/policy/frameworks/intel/seen/file-hashes.bro>`, :doc:`policy/frameworks/intel/seen/file-names.bro </scripts/policy/frameworks/intel/seen/file-names.bro>`, :doc:`policy/frameworks/intel/seen/http-headers.bro </scripts/policy/frameworks/intel/seen/http-headers.bro>`, :doc:`policy/frameworks/intel/seen/http-url.bro </scripts/policy/frameworks/intel/seen/http-url.bro>`, :doc:`policy/frameworks/intel/seen/pubkey-hashes.bro </scripts/policy/frameworks/intel/seen/pubkey-hashes.bro>`, :doc:`policy/frameworks/intel/seen/smtp-url-extraction.bro </scripts/policy/frameworks/intel/seen/smtp-url-extraction.bro>`, :doc:`policy/frameworks/intel/seen/smtp.bro </scripts/policy/frameworks/intel/seen/smtp.bro>`, :doc:`policy/frameworks/intel/seen/ssl.bro </scripts/policy/frameworks/intel/seen/ssl.bro>`, :doc:`policy/frameworks/intel/seen/x509.bro </scripts/policy/frameworks/intel/seen/x509.bro>`
|
||||
|
||||
Summary
|
||||
~~~~~~~
|
||||
|
||||
Detailed Interface
|
||||
~~~~~~~~~~~~~~~~~~
|
||||
|
|
@ -1,14 +0,0 @@
|
|||
:tocdepth: 3
|
||||
|
||||
policy/frameworks/intel/seen/conn-established.bro
|
||||
=================================================
|
||||
|
||||
|
||||
:Imports: :doc:`base/frameworks/intel </scripts/base/frameworks/intel/index>`, :doc:`policy/frameworks/intel/seen/where-locations.bro </scripts/policy/frameworks/intel/seen/where-locations.bro>`
|
||||
|
||||
Summary
|
||||
~~~~~~~
|
||||
|
||||
Detailed Interface
|
||||
~~~~~~~~~~~~~~~~~~
|
||||
|
|
@ -1,14 +0,0 @@
|
|||
:tocdepth: 3
|
||||
|
||||
policy/frameworks/intel/seen/dns.bro
|
||||
====================================
|
||||
|
||||
|
||||
:Imports: :doc:`base/frameworks/intel </scripts/base/frameworks/intel/index>`, :doc:`policy/frameworks/intel/seen/where-locations.bro </scripts/policy/frameworks/intel/seen/where-locations.bro>`
|
||||
|
||||
Summary
|
||||
~~~~~~~
|
||||
|
||||
Detailed Interface
|
||||
~~~~~~~~~~~~~~~~~~
|
||||
|
|
@ -1,14 +0,0 @@
|
|||
:tocdepth: 3
|
||||
|
||||
policy/frameworks/intel/seen/file-hashes.bro
|
||||
============================================
|
||||
|
||||
|
||||
:Imports: :doc:`base/frameworks/intel </scripts/base/frameworks/intel/index>`, :doc:`policy/frameworks/intel/seen/where-locations.bro </scripts/policy/frameworks/intel/seen/where-locations.bro>`
|
||||
|
||||
Summary
|
||||
~~~~~~~
|
||||
|
||||
Detailed Interface
|
||||
~~~~~~~~~~~~~~~~~~
|
||||
|
|
@ -1,14 +0,0 @@
|
|||
:tocdepth: 3
|
||||
|
||||
policy/frameworks/intel/seen/file-names.bro
|
||||
===========================================
|
||||
|
||||
|
||||
:Imports: :doc:`base/frameworks/intel </scripts/base/frameworks/intel/index>`, :doc:`policy/frameworks/intel/seen/where-locations.bro </scripts/policy/frameworks/intel/seen/where-locations.bro>`
|
||||
|
||||
Summary
|
||||
~~~~~~~
|
||||
|
||||
Detailed Interface
|
||||
~~~~~~~~~~~~~~~~~~
|
||||
|
|
@ -1,14 +0,0 @@
|
|||
:tocdepth: 3
|
||||
|
||||
policy/frameworks/intel/seen/http-headers.bro
|
||||
=============================================
|
||||
|
||||
|
||||
:Imports: :doc:`base/frameworks/intel </scripts/base/frameworks/intel/index>`, :doc:`base/utils/addrs.bro </scripts/base/utils/addrs.bro>`, :doc:`policy/frameworks/intel/seen/where-locations.bro </scripts/policy/frameworks/intel/seen/where-locations.bro>`
|
||||
|
||||
Summary
|
||||
~~~~~~~
|
||||
|
||||
Detailed Interface
|
||||
~~~~~~~~~~~~~~~~~~
|
||||
|
|
@ -1,14 +0,0 @@
|
|||
:tocdepth: 3
|
||||
|
||||
policy/frameworks/intel/seen/http-url.bro
|
||||
=========================================
|
||||
|
||||
|
||||
:Imports: :doc:`base/frameworks/intel </scripts/base/frameworks/intel/index>`, :doc:`base/protocols/http/utils.bro </scripts/base/protocols/http/utils.bro>`, :doc:`policy/frameworks/intel/seen/where-locations.bro </scripts/policy/frameworks/intel/seen/where-locations.bro>`
|
||||
|
||||
Summary
|
||||
~~~~~~~
|
||||
|
||||
Detailed Interface
|
||||
~~~~~~~~~~~~~~~~~~
|
||||
|
|
@ -1,46 +0,0 @@
|
|||
:orphan:
|
||||
|
||||
Package: policy/frameworks/intel/seen
|
||||
=====================================
|
||||
|
||||
Scripts that send data to the intelligence framework.
|
||||
|
||||
:doc:`/scripts/policy/frameworks/intel/seen/__load__.bro`
|
||||
|
||||
|
||||
:doc:`/scripts/policy/frameworks/intel/seen/conn-established.bro`
|
||||
|
||||
|
||||
:doc:`/scripts/policy/frameworks/intel/seen/where-locations.bro`
|
||||
|
||||
|
||||
:doc:`/scripts/policy/frameworks/intel/seen/dns.bro`
|
||||
|
||||
|
||||
:doc:`/scripts/policy/frameworks/intel/seen/file-hashes.bro`
|
||||
|
||||
|
||||
:doc:`/scripts/policy/frameworks/intel/seen/file-names.bro`
|
||||
|
||||
|
||||
:doc:`/scripts/policy/frameworks/intel/seen/http-headers.bro`
|
||||
|
||||
|
||||
:doc:`/scripts/policy/frameworks/intel/seen/http-url.bro`
|
||||
|
||||
|
||||
:doc:`/scripts/policy/frameworks/intel/seen/pubkey-hashes.bro`
|
||||
|
||||
|
||||
:doc:`/scripts/policy/frameworks/intel/seen/ssl.bro`
|
||||
|
||||
|
||||
:doc:`/scripts/policy/frameworks/intel/seen/smtp.bro`
|
||||
|
||||
|
||||
:doc:`/scripts/policy/frameworks/intel/seen/smtp-url-extraction.bro`
|
||||
|
||||
|
||||
:doc:`/scripts/policy/frameworks/intel/seen/x509.bro`
|
||||
|
||||
|
|
@ -1,14 +0,0 @@
|
|||
:tocdepth: 3
|
||||
|
||||
policy/frameworks/intel/seen/pubkey-hashes.bro
|
||||
==============================================
|
||||
|
||||
|
||||
:Imports: :doc:`base/frameworks/intel </scripts/base/frameworks/intel/index>`, :doc:`base/protocols/ssh </scripts/base/protocols/ssh/index>`, :doc:`policy/frameworks/intel/seen/where-locations.bro </scripts/policy/frameworks/intel/seen/where-locations.bro>`
|
||||
|
||||
Summary
|
||||
~~~~~~~
|
||||
|
||||
Detailed Interface
|
||||
~~~~~~~~~~~~~~~~~~
|
||||
|
|
@ -1,14 +0,0 @@
|
|||
:tocdepth: 3
|
||||
|
||||
policy/frameworks/intel/seen/smtp-url-extraction.bro
|
||||
====================================================
|
||||
|
||||
|
||||
:Imports: :doc:`base/frameworks/intel </scripts/base/frameworks/intel/index>`, :doc:`base/protocols/smtp </scripts/base/protocols/smtp/index>`, :doc:`base/utils/urls.bro </scripts/base/utils/urls.bro>`, :doc:`policy/frameworks/intel/seen/where-locations.bro </scripts/policy/frameworks/intel/seen/where-locations.bro>`
|
||||
|
||||
Summary
|
||||
~~~~~~~
|
||||
|
||||
Detailed Interface
|
||||
~~~~~~~~~~~~~~~~~~
|
||||
|
|
@ -1,14 +0,0 @@
|
|||
:tocdepth: 3
|
||||
|
||||
policy/frameworks/intel/seen/smtp.bro
|
||||
=====================================
|
||||
|
||||
|
||||
:Imports: :doc:`base/frameworks/intel </scripts/base/frameworks/intel/index>`, :doc:`base/protocols/smtp </scripts/base/protocols/smtp/index>`, :doc:`base/utils/email.bro </scripts/base/utils/email.bro>`, :doc:`policy/frameworks/intel/seen/where-locations.bro </scripts/policy/frameworks/intel/seen/where-locations.bro>`
|
||||
|
||||
Summary
|
||||
~~~~~~~
|
||||
|
||||
Detailed Interface
|
||||
~~~~~~~~~~~~~~~~~~
|
||||
|
|
@ -1,14 +0,0 @@
|
|||
:tocdepth: 3
|
||||
|
||||
policy/frameworks/intel/seen/ssl.bro
|
||||
====================================
|
||||
|
||||
|
||||
:Imports: :doc:`base/frameworks/intel </scripts/base/frameworks/intel/index>`, :doc:`base/protocols/ssl </scripts/base/protocols/ssl/index>`, :doc:`policy/frameworks/intel/seen/where-locations.bro </scripts/policy/frameworks/intel/seen/where-locations.bro>`
|
||||
|
||||
Summary
|
||||
~~~~~~~
|
||||
|
||||
Detailed Interface
|
||||
~~~~~~~~~~~~~~~~~~
|
||||
|
|
@ -1,20 +0,0 @@
|
|||
:tocdepth: 3
|
||||
|
||||
policy/frameworks/intel/seen/where-locations.bro
|
||||
================================================
|
||||
|
||||
|
||||
:Imports: :doc:`base/frameworks/intel </scripts/base/frameworks/intel/index>`
|
||||
|
||||
Summary
|
||||
~~~~~~~
|
||||
Redefinitions
|
||||
#############
|
||||
========================================== =
|
||||
:bro:type:`Intel::Where`: :bro:type:`enum`
|
||||
========================================== =
|
||||
|
||||
|
||||
Detailed Interface
|
||||
~~~~~~~~~~~~~~~~~~
|
||||
|
|
@ -1,32 +0,0 @@
|
|||
:tocdepth: 3
|
||||
|
||||
policy/frameworks/intel/seen/x509.bro
|
||||
=====================================
|
||||
.. bro:namespace:: Intel
|
||||
|
||||
|
||||
:Namespace: Intel
|
||||
:Imports: :doc:`base/files/x509 </scripts/base/files/x509/index>`, :doc:`base/frameworks/intel </scripts/base/frameworks/intel/index>`, :doc:`policy/frameworks/intel/seen/where-locations.bro </scripts/policy/frameworks/intel/seen/where-locations.bro>`
|
||||
|
||||
Summary
|
||||
~~~~~~~
|
||||
Runtime Options
|
||||
###############
|
||||
============================================================================================== =============================================================================
|
||||
:bro:id:`Intel::enable_x509_ext_subject_alternative_name`: :bro:type:`bool` :bro:attr:`&redef` Enables the extraction of subject alternate names from the X509 SAN DNS field
|
||||
============================================================================================== =============================================================================
|
||||
|
||||
|
||||
Detailed Interface
|
||||
~~~~~~~~~~~~~~~~~~
|
||||
Runtime Options
|
||||
###############
|
||||
.. bro:id:: Intel::enable_x509_ext_subject_alternative_name
|
||||
|
||||
:Type: :bro:type:`bool`
|
||||
:Attributes: :bro:attr:`&redef`
|
||||
:Default: ``T``
|
||||
|
||||
Enables the extraction of subject alternate names from the X509 SAN DNS field
|
||||
|
||||
|
|
@ -1,23 +0,0 @@
|
|||
:tocdepth: 3
|
||||
|
||||
policy/frameworks/intel/whitelist.bro
|
||||
=====================================
|
||||
.. bro:namespace:: Intel
|
||||
|
||||
This script enables whitelisting for intelligence items.
|
||||
|
||||
:Namespace: Intel
|
||||
:Imports: :doc:`base/frameworks/intel </scripts/base/frameworks/intel/index>`
|
||||
|
||||
Summary
|
||||
~~~~~~~
|
||||
Redefinitions
|
||||
#############
|
||||
=============================================== =
|
||||
:bro:type:`Intel::MetaData`: :bro:type:`record`
|
||||
=============================================== =
|
||||
|
||||
|
||||
Detailed Interface
|
||||
~~~~~~~~~~~~~~~~~~
|
||||
|
Loading…
Add table
Add a link
Reference in a new issue