Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 06:38:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Add MAC addresses to connection record.

Browse source 
c$eth_src and c$eth_dst now contain the Ethernet address if available.
A new script protocols/conn/mac-logging.bro adds these to conn.log
when loaded.
This commit is contained in:
Robin Sommer 2016-05-29 13:27:21 -07:00
parent 35686fb93a
commit 57aef6d49f
20 changed files with 486 additions and 321 deletions
Download patch file Download diff file Expand all files Collapse all files

36
testing/btest/Baseline/core.ether-addrs/output Normal file
View file

@ -0,0 +1,36 @@
0:30:48:bd:3e:c4, 1:0:5e:0:0:fb
0:17:f2:d7:cf:65, 33:33:0:0:0:fb
0:17:f2:d7:cf:65, 1:0:5e:0:0:fb
0:24:7e:e0:1d:b5, 0:13:7f:be:8c:ff
0:24:7e:e0:1d:b5, 0:13:7f:be:8c:ff
0:24:7e:e0:1d:b5, 0:13:7f:be:8c:ff
0:24:7e:e0:1d:b5, 0:13:7f:be:8c:ff
0:24:7e:e0:1d:b5, 0:13:7f:be:8c:ff
0:24:7e:e0:1d:b5, 0:13:7f:be:8c:ff
0:24:7e:e0:1d:b5, 0:13:7f:be:8c:ff
0:24:7e:e0:1d:b5, 0:13:7f:be:8c:ff
0:24:7e:e0:1d:b5, 0:13:7f:be:8c:ff
0:24:7e:e0:1d:b5, 0:13:7f:be:8c:ff
0:24:7e:e0:1d:b5, 0:13:7f:be:8c:ff
0:24:7e:e0:1d:b5, 0:13:7f:be:8c:ff
0:24:7e:e0:1d:b5, 0:13:7f:be:8c:ff
0:24:7e:e0:1d:b5, 0:13:7f:be:8c:ff
0:24:7e:e0:1d:b5, 0:13:7f:be:8c:ff
0:24:7e:e0:1d:b5, 0:13:7f:be:8c:ff
0:24:7e:e0:1d:b5, 0:13:7f:be:8c:ff
0:24:7e:e0:1d:b5, 0:13:7f:be:8c:ff
0:24:7e:e0:1d:b5, 0:13:7f:be:8c:ff
0:24:7e:e0:1d:b5, 0:13:7f:be:8c:ff
0:24:7e:e0:1d:b5, 0:13:7f:be:8c:ff
0:24:7e:e0:1d:b5, 0:13:7f:be:8c:ff
0:24:7e:e0:1d:b5, 0:13:7f:be:8c:ff
0:13:7f:be:8c:ff, 0:e0:db:1:cf:4b
0:16:76:23:d9:e3, 1:0:5e:0:0:fb
f0:4d:a2:47:ba:25, ff:ff:ff:ff:ff:ff
f0:4d:a2:47:ba:25, 33:33:0:1:0:3
f0:4d:a2:47:ba:25, 1:0:5e:0:0:fc
f0:4d:a2:47:ba:25, 33:33:0:1:0:3
f0:4d:a2:47:ba:25, 1:0:5e:0:0:fc
0:23:32:b6:c:46, ff:ff:ff:ff:ff:ff
-, -
-, -