Add analyzer_confirmation and analyzer_violation events

Tim Wojtulewicz 2021-10-25 09:03:15 -07:00
parent 7bffd2eccd
commit 612212568a
96 changed files with 432 additions and 235 deletions


@ -11,7 +11,7 @@ module DPD;
export {
redef record Info += {
## A chunk of the payload that most likely resulted in the
## protocol violation.
## analyzer violation.
packet_segment: string &optional &log;
};
@ -20,7 +20,7 @@ export {
}
event protocol_violation(c: connection, atype: Analyzer::Tag, aid: count,
event analyzer_violation(c: connection, atype: AllAnalyzers::Tag, aid: count,
reason: string) &priority=4
{
if ( ! c?$dpd ) return;