Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-17 14:08:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Add SNMP datagram parsing support.

Browse source 
This supports parsing of SNMPv1 (RFC 1157), SNMPv2 (RFC 1901/3416), and
SNMPv2 (RFC 3412).  An event is raised for each SNMP PDU type, though
there's not currently any event handlers for them and not a default
snmp.log either.  However, simple presence of SNMP is currently visible
now in conn.log service field and known_services.log.
This commit is contained in:
Jon Siwek 2014-02-18 14:41:32 -06:00
parent ba81aa4387
commit a0c06a957b
38 changed files with 2345 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

11
testing/btest/Baseline/scripts.base.protocols.snmp.v1/out4 Normal file
View file

@ -0,0 +1,11 @@
snmp_trap
[orig_h=127.0.0.1, orig_p=57150/udp, resp_h=127.0.0.1, resp_p=162/udp]
is_orig: T
[community=public]
enterprise: 1.3.6.1.4.1.31337.0
agent: 1.0.0.127
generic_trap: 0
specific_trap: 0
time_stamp: 0
oid: 1.3.6.1.2.1.2.1.0
value (tag=0x02): 33