Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-16 05:28:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Updated header format (see #558)

Browse source
This commit is contained in:
Gilbert Clark gc355804@ohio.edu 2011-08-30 11:20:28 -07:00
parent b723ecd0e0
commit 3b411b69f3
54 changed files with 358 additions and 337 deletions
Download patch file Download diff file Expand all files Collapse all files

18
testing/btest/Baseline/policy.frameworks.logging.ascii-empty/ssh.log
View file

@ -1,9 +1,9 @@
PREFIX<>t|id.orig_h|id.orig_p|id.resp_h|id.resp_p|status|country|b
PREFIX<>path:'ssh'
PREFIX<>separator:'|'
PREFIX<>t=time|id.orig_h=addr|id.orig_p=port|id.resp_h=addr|id.resp_p=port|status=string|country=string|b=bool
1313294759.195743|1.2.3.4|1234|2.3.4.5|80|success|unknown|NOT-SET
1313294759.195743|1.2.3.4|1234|2.3.4.5|80|NOT-SET|US|NOT-SET
1313294759.195743|1.2.3.4|1234|2.3.4.5|80|failure|UK|NOT-SET
1313294759.195743|1.2.3.4|1234|2.3.4.5|80|NOT-SET|BR|NOT-SET
1313294759.195743|1.2.3.4|1234|2.3.4.5|80|failure|EMPTY|T
PREFIX<>separator \x7c
PREFIX<>fields|t|id.orig_h|id.orig_p|id.resp_h|id.resp_p|status|country|b
PREFIX<>types|time|addr|port|addr|port|string|string|bool
PREFIX<>path|ssh
1314727948.493595|1.2.3.4|1234|2.3.4.5|80|success|unknown|NOT-SET
1314727948.493595|1.2.3.4|1234|2.3.4.5|80|NOT-SET|US|NOT-SET
1314727948.493595|1.2.3.4|1234|2.3.4.5|80|failure|UK|NOT-SET
1314727948.493595|1.2.3.4|1234|2.3.4.5|80|NOT-SET|BR|NOT-SET
1314727948.493595|1.2.3.4|1234|2.3.4.5|80|failure|EMPTY|T