Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 14:48:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Rename protocol_id field to ip_proto and similar renaming for name field

Browse source
This commit is contained in:
Tim Wojtulewicz 2024-11-07 14:21:19 -07:00
parent d0896e81d6
commit 5e5aceb6f7
140 changed files with 214 additions and 212 deletions
Download patch file Download diff file Expand all files Collapse all files

2
testing/btest/Baseline/scripts.base.protocols.ssh.basic/conn.log
View file

@ -5,7 +5,7 @@
#unset_field -
#path conn
#open XXXX-XX-XX-XX-XX-XX
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto service duration orig_bytes resp_bytes conn_state local_orig local_resp missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents protocol_id
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto service duration orig_bytes resp_bytes conn_state local_orig local_resp missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents ip_proto
#types time string addr port addr port enum string interval count count string bool bool count string count count count count set[string] count
XXXXXXXXXX.XXXXXX CHhAvVGS1DHFjwGM9 192.168.1.79 51880 131.159.21.1 22 tcp ssh 6.159326 2669 2501 SF T F 0 ShAdDaFf 25 3981 20 3549 - 6
XXXXXXXXXX.XXXXXX ClEkJM2Vm5giqnMf4h 10.0.0.18 40184 128.2.6.88 41644 tcp ssh 2.079071 3813 3633 SF T F 0 ShADadFf 22 4965 26 5017 - 6