mirror of
https://github.com/zeek/zeek.git
synced 2025-10-16 13:38:19 +00:00
Merge remote-tracking branch 'origin/master' into topic/johanna/config
This commit is contained in:
Johanna Amann
commit
ac9fd000e0
144 changed files with 2768 additions and 2088 deletions
|
|
@ -258,7 +258,7 @@
|
|||
0.000000 MetaHookPost CallFunction(Log::__create_stream, <frame>, (Weird::LOG, [columns=<no value description>, ev=Weird::log_weird, path=weird])) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::__create_stream, <frame>, (X509::LOG, [columns=<no value description>, ev=X509::log_x509, path=x509])) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::__create_stream, <frame>, (mysql::LOG, [columns=<no value description>, ev=MySQL::log_mysql, path=mysql])) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::__write, <frame>, (PacketFilter::LOG, [ts=1511991433.194848, node=bro, filter=ip or not ip, init=T, success=T])) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::__write, <frame>, (PacketFilter::LOG, [ts=1517265611.845833, node=bro, filter=ip or not ip, init=T, success=T])) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::add_default_filter, <frame>, (Cluster::LOG)) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::add_default_filter, <frame>, (Communication::LOG)) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::add_default_filter, <frame>, (Config::LOG)) -> <no result>
|
||||
|
|
@ -347,6 +347,50 @@
|
|||
0.000000 MetaHookPost CallFunction(Log::add_filter, <frame>, (Weird::LOG, [name=default, writer=Log::WRITER_ASCII, pred=<uninitialized>, path=<uninitialized>, path_func=<uninitialized>, include=<uninitialized>, exclude=<uninitialized>, log_local=T, log_remote=T, field_name_map={}, scope_sep=., ext_prefix=_, ext_func=anonymous-function, interv=0 secs, postprocessor=<uninitialized>, config={}])) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::add_filter, <frame>, (X509::LOG, [name=default, writer=Log::WRITER_ASCII, pred=<uninitialized>, path=<uninitialized>, path_func=<uninitialized>, include=<uninitialized>, exclude=<uninitialized>, log_local=T, log_remote=T, field_name_map={}, scope_sep=., ext_prefix=_, ext_func=anonymous-function, interv=0 secs, postprocessor=<uninitialized>, config={}])) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::add_filter, <frame>, (mysql::LOG, [name=default, writer=Log::WRITER_ASCII, pred=<uninitialized>, path=<uninitialized>, path_func=<uninitialized>, include=<uninitialized>, exclude=<uninitialized>, log_local=T, log_remote=T, field_name_map={}, scope_sep=., ext_prefix=_, ext_func=anonymous-function, interv=0 secs, postprocessor=<uninitialized>, config={}])) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::add_stream_filters, <frame>, (Cluster::LOG, default)) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::add_stream_filters, <frame>, (Communication::LOG, default)) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::add_stream_filters, <frame>, (Config::LOG, default)) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::add_stream_filters, <frame>, (Conn::LOG, default)) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::add_stream_filters, <frame>, (DCE_RPC::LOG, default)) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::add_stream_filters, <frame>, (DHCP::LOG, default)) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::add_stream_filters, <frame>, (DNP3::LOG, default)) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::add_stream_filters, <frame>, (DNS::LOG, default)) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::add_stream_filters, <frame>, (DPD::LOG, default)) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::add_stream_filters, <frame>, (FTP::LOG, default)) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::add_stream_filters, <frame>, (Files::LOG, default)) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::add_stream_filters, <frame>, (HTTP::LOG, default)) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::add_stream_filters, <frame>, (IRC::LOG, default)) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::add_stream_filters, <frame>, (Intel::LOG, default)) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::add_stream_filters, <frame>, (KRB::LOG, default)) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::add_stream_filters, <frame>, (Modbus::LOG, default)) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::add_stream_filters, <frame>, (NTLM::LOG, default)) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::add_stream_filters, <frame>, (NetControl::CATCH_RELEASE, default)) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::add_stream_filters, <frame>, (NetControl::DROP, default)) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::add_stream_filters, <frame>, (NetControl::LOG, default)) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::add_stream_filters, <frame>, (NetControl::SHUNT, default)) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::add_stream_filters, <frame>, (Notice::ALARM_LOG, default)) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::add_stream_filters, <frame>, (Notice::LOG, default)) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::add_stream_filters, <frame>, (OpenFlow::LOG, default)) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::add_stream_filters, <frame>, (PE::LOG, default)) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::add_stream_filters, <frame>, (PacketFilter::LOG, default)) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::add_stream_filters, <frame>, (RADIUS::LOG, default)) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::add_stream_filters, <frame>, (RDP::LOG, default)) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::add_stream_filters, <frame>, (RFB::LOG, default)) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::add_stream_filters, <frame>, (Reporter::LOG, default)) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::add_stream_filters, <frame>, (SIP::LOG, default)) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::add_stream_filters, <frame>, (SMTP::LOG, default)) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::add_stream_filters, <frame>, (SNMP::LOG, default)) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::add_stream_filters, <frame>, (SOCKS::LOG, default)) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::add_stream_filters, <frame>, (SSH::LOG, default)) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::add_stream_filters, <frame>, (SSL::LOG, default)) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::add_stream_filters, <frame>, (Signatures::LOG, default)) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::add_stream_filters, <frame>, (Software::LOG, default)) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::add_stream_filters, <frame>, (Syslog::LOG, default)) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::add_stream_filters, <frame>, (Tunnel::LOG, default)) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::add_stream_filters, <frame>, (Unified2::LOG, default)) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::add_stream_filters, <frame>, (Weird::LOG, default)) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::add_stream_filters, <frame>, (X509::LOG, default)) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::add_stream_filters, <frame>, (mysql::LOG, default)) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::create_stream, <frame>, (Cluster::LOG, [columns=<no value description>, ev=<uninitialized>, path=cluster])) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::create_stream, <frame>, (Communication::LOG, [columns=<no value description>, ev=<uninitialized>, path=communication])) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::create_stream, <frame>, (Config::LOG, [columns=<no value description>, ev=Config::log_config, path=config])) -> <no result>
|
||||
|
|
@ -391,7 +435,7 @@
|
|||
0.000000 MetaHookPost CallFunction(Log::create_stream, <frame>, (Weird::LOG, [columns=<no value description>, ev=Weird::log_weird, path=weird])) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::create_stream, <frame>, (X509::LOG, [columns=<no value description>, ev=X509::log_x509, path=x509])) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::create_stream, <frame>, (mysql::LOG, [columns=<no value description>, ev=MySQL::log_mysql, path=mysql])) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::write, <frame>, (PacketFilter::LOG, [ts=1511991433.194848, node=bro, filter=ip or not ip, init=T, success=T])) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Log::write, <frame>, (PacketFilter::LOG, [ts=1517265611.845833, node=bro, filter=ip or not ip, init=T, success=T])) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(NetControl::check_plugins, <frame>, ()) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(NetControl::init, <null>, ()) -> <no result>
|
||||
0.000000 MetaHookPost CallFunction(Notice::want_pp, <frame>, ()) -> <no result>
|
||||
|
|
@ -1003,7 +1047,7 @@
|
|||
0.000000 MetaHookPre CallFunction(Log::__create_stream, <frame>, (Weird::LOG, [columns=<no value description>, ev=Weird::log_weird, path=weird]))
|
||||
0.000000 MetaHookPre CallFunction(Log::__create_stream, <frame>, (X509::LOG, [columns=<no value description>, ev=X509::log_x509, path=x509]))
|
||||
0.000000 MetaHookPre CallFunction(Log::__create_stream, <frame>, (mysql::LOG, [columns=<no value description>, ev=MySQL::log_mysql, path=mysql]))
|
||||
0.000000 MetaHookPre CallFunction(Log::__write, <frame>, (PacketFilter::LOG, [ts=1511991433.194848, node=bro, filter=ip or not ip, init=T, success=T]))
|
||||
0.000000 MetaHookPre CallFunction(Log::__write, <frame>, (PacketFilter::LOG, [ts=1517265611.845833, node=bro, filter=ip or not ip, init=T, success=T]))
|
||||
0.000000 MetaHookPre CallFunction(Log::add_default_filter, <frame>, (Cluster::LOG))
|
||||
0.000000 MetaHookPre CallFunction(Log::add_default_filter, <frame>, (Communication::LOG))
|
||||
0.000000 MetaHookPre CallFunction(Log::add_default_filter, <frame>, (Config::LOG))
|
||||
|
|
@ -1092,6 +1136,50 @@
|
|||
0.000000 MetaHookPre CallFunction(Log::add_filter, <frame>, (Weird::LOG, [name=default, writer=Log::WRITER_ASCII, pred=<uninitialized>, path=<uninitialized>, path_func=<uninitialized>, include=<uninitialized>, exclude=<uninitialized>, log_local=T, log_remote=T, field_name_map={}, scope_sep=., ext_prefix=_, ext_func=anonymous-function, interv=0 secs, postprocessor=<uninitialized>, config={}]))
|
||||
0.000000 MetaHookPre CallFunction(Log::add_filter, <frame>, (X509::LOG, [name=default, writer=Log::WRITER_ASCII, pred=<uninitialized>, path=<uninitialized>, path_func=<uninitialized>, include=<uninitialized>, exclude=<uninitialized>, log_local=T, log_remote=T, field_name_map={}, scope_sep=., ext_prefix=_, ext_func=anonymous-function, interv=0 secs, postprocessor=<uninitialized>, config={}]))
|
||||
0.000000 MetaHookPre CallFunction(Log::add_filter, <frame>, (mysql::LOG, [name=default, writer=Log::WRITER_ASCII, pred=<uninitialized>, path=<uninitialized>, path_func=<uninitialized>, include=<uninitialized>, exclude=<uninitialized>, log_local=T, log_remote=T, field_name_map={}, scope_sep=., ext_prefix=_, ext_func=anonymous-function, interv=0 secs, postprocessor=<uninitialized>, config={}]))
|
||||
0.000000 MetaHookPre CallFunction(Log::add_stream_filters, <frame>, (Cluster::LOG, default))
|
||||
0.000000 MetaHookPre CallFunction(Log::add_stream_filters, <frame>, (Communication::LOG, default))
|
||||
0.000000 MetaHookPre CallFunction(Log::add_stream_filters, <frame>, (Config::LOG, default))
|
||||
0.000000 MetaHookPre CallFunction(Log::add_stream_filters, <frame>, (Conn::LOG, default))
|
||||
0.000000 MetaHookPre CallFunction(Log::add_stream_filters, <frame>, (DCE_RPC::LOG, default))
|
||||
0.000000 MetaHookPre CallFunction(Log::add_stream_filters, <frame>, (DHCP::LOG, default))
|
||||
0.000000 MetaHookPre CallFunction(Log::add_stream_filters, <frame>, (DNP3::LOG, default))
|
||||
0.000000 MetaHookPre CallFunction(Log::add_stream_filters, <frame>, (DNS::LOG, default))
|
||||
0.000000 MetaHookPre CallFunction(Log::add_stream_filters, <frame>, (DPD::LOG, default))
|
||||
0.000000 MetaHookPre CallFunction(Log::add_stream_filters, <frame>, (FTP::LOG, default))
|
||||
0.000000 MetaHookPre CallFunction(Log::add_stream_filters, <frame>, (Files::LOG, default))
|
||||
0.000000 MetaHookPre CallFunction(Log::add_stream_filters, <frame>, (HTTP::LOG, default))
|
||||
0.000000 MetaHookPre CallFunction(Log::add_stream_filters, <frame>, (IRC::LOG, default))
|
||||
0.000000 MetaHookPre CallFunction(Log::add_stream_filters, <frame>, (Intel::LOG, default))
|
||||
0.000000 MetaHookPre CallFunction(Log::add_stream_filters, <frame>, (KRB::LOG, default))
|
||||
0.000000 MetaHookPre CallFunction(Log::add_stream_filters, <frame>, (Modbus::LOG, default))
|
||||
0.000000 MetaHookPre CallFunction(Log::add_stream_filters, <frame>, (NTLM::LOG, default))
|
||||
0.000000 MetaHookPre CallFunction(Log::add_stream_filters, <frame>, (NetControl::CATCH_RELEASE, default))
|
||||
0.000000 MetaHookPre CallFunction(Log::add_stream_filters, <frame>, (NetControl::DROP, default))
|
||||
0.000000 MetaHookPre CallFunction(Log::add_stream_filters, <frame>, (NetControl::LOG, default))
|
||||
0.000000 MetaHookPre CallFunction(Log::add_stream_filters, <frame>, (NetControl::SHUNT, default))
|
||||
0.000000 MetaHookPre CallFunction(Log::add_stream_filters, <frame>, (Notice::ALARM_LOG, default))
|
||||
0.000000 MetaHookPre CallFunction(Log::add_stream_filters, <frame>, (Notice::LOG, default))
|
||||
0.000000 MetaHookPre CallFunction(Log::add_stream_filters, <frame>, (OpenFlow::LOG, default))
|
||||
0.000000 MetaHookPre CallFunction(Log::add_stream_filters, <frame>, (PE::LOG, default))
|
||||
0.000000 MetaHookPre CallFunction(Log::add_stream_filters, <frame>, (PacketFilter::LOG, default))
|
||||
0.000000 MetaHookPre CallFunction(Log::add_stream_filters, <frame>, (RADIUS::LOG, default))
|
||||
0.000000 MetaHookPre CallFunction(Log::add_stream_filters, <frame>, (RDP::LOG, default))
|
||||
0.000000 MetaHookPre CallFunction(Log::add_stream_filters, <frame>, (RFB::LOG, default))
|
||||
0.000000 MetaHookPre CallFunction(Log::add_stream_filters, <frame>, (Reporter::LOG, default))
|
||||
0.000000 MetaHookPre CallFunction(Log::add_stream_filters, <frame>, (SIP::LOG, default))
|
||||
0.000000 MetaHookPre CallFunction(Log::add_stream_filters, <frame>, (SMTP::LOG, default))
|
||||
0.000000 MetaHookPre CallFunction(Log::add_stream_filters, <frame>, (SNMP::LOG, default))
|
||||
0.000000 MetaHookPre CallFunction(Log::add_stream_filters, <frame>, (SOCKS::LOG, default))
|
||||
0.000000 MetaHookPre CallFunction(Log::add_stream_filters, <frame>, (SSH::LOG, default))
|
||||
0.000000 MetaHookPre CallFunction(Log::add_stream_filters, <frame>, (SSL::LOG, default))
|
||||
0.000000 MetaHookPre CallFunction(Log::add_stream_filters, <frame>, (Signatures::LOG, default))
|
||||
0.000000 MetaHookPre CallFunction(Log::add_stream_filters, <frame>, (Software::LOG, default))
|
||||
0.000000 MetaHookPre CallFunction(Log::add_stream_filters, <frame>, (Syslog::LOG, default))
|
||||
0.000000 MetaHookPre CallFunction(Log::add_stream_filters, <frame>, (Tunnel::LOG, default))
|
||||
0.000000 MetaHookPre CallFunction(Log::add_stream_filters, <frame>, (Unified2::LOG, default))
|
||||
0.000000 MetaHookPre CallFunction(Log::add_stream_filters, <frame>, (Weird::LOG, default))
|
||||
0.000000 MetaHookPre CallFunction(Log::add_stream_filters, <frame>, (X509::LOG, default))
|
||||
0.000000 MetaHookPre CallFunction(Log::add_stream_filters, <frame>, (mysql::LOG, default))
|
||||
0.000000 MetaHookPre CallFunction(Log::create_stream, <frame>, (Cluster::LOG, [columns=<no value description>, ev=<uninitialized>, path=cluster]))
|
||||
0.000000 MetaHookPre CallFunction(Log::create_stream, <frame>, (Communication::LOG, [columns=<no value description>, ev=<uninitialized>, path=communication]))
|
||||
0.000000 MetaHookPre CallFunction(Log::create_stream, <frame>, (Config::LOG, [columns=<no value description>, ev=Config::log_config, path=config]))
|
||||
|
|
@ -1136,7 +1224,7 @@
|
|||
0.000000 MetaHookPre CallFunction(Log::create_stream, <frame>, (Weird::LOG, [columns=<no value description>, ev=Weird::log_weird, path=weird]))
|
||||
0.000000 MetaHookPre CallFunction(Log::create_stream, <frame>, (X509::LOG, [columns=<no value description>, ev=X509::log_x509, path=x509]))
|
||||
0.000000 MetaHookPre CallFunction(Log::create_stream, <frame>, (mysql::LOG, [columns=<no value description>, ev=MySQL::log_mysql, path=mysql]))
|
||||
0.000000 MetaHookPre CallFunction(Log::write, <frame>, (PacketFilter::LOG, [ts=1511991433.194848, node=bro, filter=ip or not ip, init=T, success=T]))
|
||||
0.000000 MetaHookPre CallFunction(Log::write, <frame>, (PacketFilter::LOG, [ts=1517265611.845833, node=bro, filter=ip or not ip, init=T, success=T]))
|
||||
0.000000 MetaHookPre CallFunction(NetControl::check_plugins, <frame>, ())
|
||||
0.000000 MetaHookPre CallFunction(NetControl::init, <null>, ())
|
||||
0.000000 MetaHookPre CallFunction(Notice::want_pp, <frame>, ())
|
||||
|
|
@ -1747,7 +1835,7 @@
|
|||
0.000000 | HookCallFunction Log::__create_stream(Weird::LOG, [columns=<no value description>, ev=Weird::log_weird, path=weird])
|
||||
0.000000 | HookCallFunction Log::__create_stream(X509::LOG, [columns=<no value description>, ev=X509::log_x509, path=x509])
|
||||
0.000000 | HookCallFunction Log::__create_stream(mysql::LOG, [columns=<no value description>, ev=MySQL::log_mysql, path=mysql])
|
||||
0.000000 | HookCallFunction Log::__write(PacketFilter::LOG, [ts=1511991433.194848, node=bro, filter=ip or not ip, init=T, success=T])
|
||||
0.000000 | HookCallFunction Log::__write(PacketFilter::LOG, [ts=1517265611.845833, node=bro, filter=ip or not ip, init=T, success=T])
|
||||
0.000000 | HookCallFunction Log::add_default_filter(Cluster::LOG)
|
||||
0.000000 | HookCallFunction Log::add_default_filter(Communication::LOG)
|
||||
0.000000 | HookCallFunction Log::add_default_filter(Config::LOG)
|
||||
|
|
@ -1836,6 +1924,50 @@
|
|||
0.000000 | HookCallFunction Log::add_filter(Weird::LOG, [name=default, writer=Log::WRITER_ASCII, pred=<uninitialized>, path=<uninitialized>, path_func=<uninitialized>, include=<uninitialized>, exclude=<uninitialized>, log_local=T, log_remote=T, field_name_map={}, scope_sep=., ext_prefix=_, ext_func=anonymous-function, interv=0 secs, postprocessor=<uninitialized>, config={}])
|
||||
0.000000 | HookCallFunction Log::add_filter(X509::LOG, [name=default, writer=Log::WRITER_ASCII, pred=<uninitialized>, path=<uninitialized>, path_func=<uninitialized>, include=<uninitialized>, exclude=<uninitialized>, log_local=T, log_remote=T, field_name_map={}, scope_sep=., ext_prefix=_, ext_func=anonymous-function, interv=0 secs, postprocessor=<uninitialized>, config={}])
|
||||
0.000000 | HookCallFunction Log::add_filter(mysql::LOG, [name=default, writer=Log::WRITER_ASCII, pred=<uninitialized>, path=<uninitialized>, path_func=<uninitialized>, include=<uninitialized>, exclude=<uninitialized>, log_local=T, log_remote=T, field_name_map={}, scope_sep=., ext_prefix=_, ext_func=anonymous-function, interv=0 secs, postprocessor=<uninitialized>, config={}])
|
||||
0.000000 | HookCallFunction Log::add_stream_filters(Cluster::LOG, default)
|
||||
0.000000 | HookCallFunction Log::add_stream_filters(Communication::LOG, default)
|
||||
0.000000 | HookCallFunction Log::add_stream_filters(Config::LOG, default)
|
||||
0.000000 | HookCallFunction Log::add_stream_filters(Conn::LOG, default)
|
||||
0.000000 | HookCallFunction Log::add_stream_filters(DCE_RPC::LOG, default)
|
||||
0.000000 | HookCallFunction Log::add_stream_filters(DHCP::LOG, default)
|
||||
0.000000 | HookCallFunction Log::add_stream_filters(DNP3::LOG, default)
|
||||
0.000000 | HookCallFunction Log::add_stream_filters(DNS::LOG, default)
|
||||
0.000000 | HookCallFunction Log::add_stream_filters(DPD::LOG, default)
|
||||
0.000000 | HookCallFunction Log::add_stream_filters(FTP::LOG, default)
|
||||
0.000000 | HookCallFunction Log::add_stream_filters(Files::LOG, default)
|
||||
0.000000 | HookCallFunction Log::add_stream_filters(HTTP::LOG, default)
|
||||
0.000000 | HookCallFunction Log::add_stream_filters(IRC::LOG, default)
|
||||
0.000000 | HookCallFunction Log::add_stream_filters(Intel::LOG, default)
|
||||
0.000000 | HookCallFunction Log::add_stream_filters(KRB::LOG, default)
|
||||
0.000000 | HookCallFunction Log::add_stream_filters(Modbus::LOG, default)
|
||||
0.000000 | HookCallFunction Log::add_stream_filters(NTLM::LOG, default)
|
||||
0.000000 | HookCallFunction Log::add_stream_filters(NetControl::CATCH_RELEASE, default)
|
||||
0.000000 | HookCallFunction Log::add_stream_filters(NetControl::DROP, default)
|
||||
0.000000 | HookCallFunction Log::add_stream_filters(NetControl::LOG, default)
|
||||
0.000000 | HookCallFunction Log::add_stream_filters(NetControl::SHUNT, default)
|
||||
0.000000 | HookCallFunction Log::add_stream_filters(Notice::ALARM_LOG, default)
|
||||
0.000000 | HookCallFunction Log::add_stream_filters(Notice::LOG, default)
|
||||
0.000000 | HookCallFunction Log::add_stream_filters(OpenFlow::LOG, default)
|
||||
0.000000 | HookCallFunction Log::add_stream_filters(PE::LOG, default)
|
||||
0.000000 | HookCallFunction Log::add_stream_filters(PacketFilter::LOG, default)
|
||||
0.000000 | HookCallFunction Log::add_stream_filters(RADIUS::LOG, default)
|
||||
0.000000 | HookCallFunction Log::add_stream_filters(RDP::LOG, default)
|
||||
0.000000 | HookCallFunction Log::add_stream_filters(RFB::LOG, default)
|
||||
0.000000 | HookCallFunction Log::add_stream_filters(Reporter::LOG, default)
|
||||
0.000000 | HookCallFunction Log::add_stream_filters(SIP::LOG, default)
|
||||
0.000000 | HookCallFunction Log::add_stream_filters(SMTP::LOG, default)
|
||||
0.000000 | HookCallFunction Log::add_stream_filters(SNMP::LOG, default)
|
||||
0.000000 | HookCallFunction Log::add_stream_filters(SOCKS::LOG, default)
|
||||
0.000000 | HookCallFunction Log::add_stream_filters(SSH::LOG, default)
|
||||
0.000000 | HookCallFunction Log::add_stream_filters(SSL::LOG, default)
|
||||
0.000000 | HookCallFunction Log::add_stream_filters(Signatures::LOG, default)
|
||||
0.000000 | HookCallFunction Log::add_stream_filters(Software::LOG, default)
|
||||
0.000000 | HookCallFunction Log::add_stream_filters(Syslog::LOG, default)
|
||||
0.000000 | HookCallFunction Log::add_stream_filters(Tunnel::LOG, default)
|
||||
0.000000 | HookCallFunction Log::add_stream_filters(Unified2::LOG, default)
|
||||
0.000000 | HookCallFunction Log::add_stream_filters(Weird::LOG, default)
|
||||
0.000000 | HookCallFunction Log::add_stream_filters(X509::LOG, default)
|
||||
0.000000 | HookCallFunction Log::add_stream_filters(mysql::LOG, default)
|
||||
0.000000 | HookCallFunction Log::create_stream(Cluster::LOG, [columns=<no value description>, ev=<uninitialized>, path=cluster])
|
||||
0.000000 | HookCallFunction Log::create_stream(Communication::LOG, [columns=<no value description>, ev=<uninitialized>, path=communication])
|
||||
0.000000 | HookCallFunction Log::create_stream(Config::LOG, [columns=<no value description>, ev=Config::log_config, path=config])
|
||||
|
|
@ -1880,7 +2012,7 @@
|
|||
0.000000 | HookCallFunction Log::create_stream(Weird::LOG, [columns=<no value description>, ev=Weird::log_weird, path=weird])
|
||||
0.000000 | HookCallFunction Log::create_stream(X509::LOG, [columns=<no value description>, ev=X509::log_x509, path=x509])
|
||||
0.000000 | HookCallFunction Log::create_stream(mysql::LOG, [columns=<no value description>, ev=MySQL::log_mysql, path=mysql])
|
||||
0.000000 | HookCallFunction Log::write(PacketFilter::LOG, [ts=1511991433.194848, node=bro, filter=ip or not ip, init=T, success=T])
|
||||
0.000000 | HookCallFunction Log::write(PacketFilter::LOG, [ts=1517265611.845833, node=bro, filter=ip or not ip, init=T, success=T])
|
||||
0.000000 | HookCallFunction NetControl::check_plugins()
|
||||
0.000000 | HookCallFunction NetControl::init()
|
||||
0.000000 | HookCallFunction Notice::want_pp()
|
||||
|
|
@ -2228,7 +2360,7 @@
|
|||
0.000000 | HookLoadFile base<...>/x509
|
||||
0.000000 | HookLoadFile base<...>/xmpp
|
||||
0.000000 | HookLogInit packet_filter 1/1 {ts (time), node (string), filter (string), init (bool), success (bool)}
|
||||
0.000000 | HookLogWrite packet_filter [ts=1511991433.194848, node=bro, filter=ip or not ip, init=T, success=T]
|
||||
0.000000 | HookLogWrite packet_filter [ts=1517265611.845833, node=bro, filter=ip or not ip, init=T, success=T]
|
||||
0.000000 | HookQueueEvent NetControl::init()
|
||||
0.000000 | HookQueueEvent bro_init()
|
||||
0.000000 | HookQueueEvent filter_change_tracking()
|
||||
|
|
@ -2684,8 +2816,8 @@
|
|||
1362692527.080972 MetaHookPost CallFunction(HTTP::get_file_handle, <frame>, ([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=<uninitialized>, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=<uninitialized>, krb=<uninitialized>, modbus=<uninitialized>, mysql=<uninitialized>, ntlm=<uninitialized>, radius=<uninitialized>, rdp=<uninitialized>, rfb=<uninitialized>, sip=<uninitialized>, sip_state=<uninitialized>, snmp=<uninitialized>, smtp=<uninitialized>, smtp_state=<uninitialized>, socks=<uninitialized>, ssh=<uninitialized>, syslog=<uninitialized>], T)) -> <no result>
|
||||
1362692527.080972 MetaHookPost CallFunction(KRB::do_log, <frame>, ([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=<uninitialized>, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=<uninitialized>, krb=<uninitialized>, modbus=<uninitialized>, mysql=<uninitialized>, ntlm=<uninitialized>, radius=<uninitialized>, rdp=<uninitialized>, rfb=<uninitialized>, sip=<uninitialized>, sip_state=<uninitialized>, snmp=<uninitialized>, smtp=<uninitialized>, smtp_state=<uninitialized>, socks=<uninitialized>, ssh=<uninitialized>, syslog=<uninitialized>])) -> <no result>
|
||||
1362692527.080972 MetaHookPost CallFunction(KRB::fill_in_subjects, <frame>, ([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=<uninitialized>, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=<uninitialized>, krb=<uninitialized>, modbus=<uninitialized>, mysql=<uninitialized>, ntlm=<uninitialized>, radius=<uninitialized>, rdp=<uninitialized>, rfb=<uninitialized>, sip=<uninitialized>, sip_state=<uninitialized>, snmp=<uninitialized>, smtp=<uninitialized>, smtp_state=<uninitialized>, socks=<uninitialized>, ssh=<uninitialized>, syslog=<uninitialized>])) -> <no result>
|
||||
1362692527.080972 MetaHookPost CallFunction(Log::__write, <frame>, (Conn::LOG, [ts=1362692526.869344, uid=CHhAvVGS1DHFjwGM9, id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], proto=tcp, service=http, duration=0.211484, orig_bytes=136, resp_bytes=5007, conn_state=SF, local_orig=<uninitialized>, local_resp=<uninitialized>, missed_bytes=0, history=ShADadFf, orig_pkts=7, orig_ip_bytes=512, resp_pkts=7, resp_ip_bytes=5379, tunnel_parents={}])) -> <no result>
|
||||
1362692527.080972 MetaHookPost CallFunction(Log::write, <frame>, (Conn::LOG, [ts=1362692526.869344, uid=CHhAvVGS1DHFjwGM9, id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], proto=tcp, service=http, duration=0.211484, orig_bytes=136, resp_bytes=5007, conn_state=SF, local_orig=<uninitialized>, local_resp=<uninitialized>, missed_bytes=0, history=ShADadFf, orig_pkts=7, orig_ip_bytes=512, resp_pkts=7, resp_ip_bytes=5379, tunnel_parents={}])) -> <no result>
|
||||
1362692527.080972 MetaHookPost CallFunction(Log::__write, <frame>, (Conn::LOG, [ts=1362692526.869344, uid=CHhAvVGS1DHFjwGM9, id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], proto=tcp, service=http, duration=0.211484, orig_bytes=136, resp_bytes=5007, conn_state=SF, local_orig=<uninitialized>, local_resp=<uninitialized>, missed_bytes=0, history=ShADadFf, orig_pkts=7, orig_ip_bytes=512, resp_pkts=7, resp_ip_bytes=5379, tunnel_parents=<uninitialized>])) -> <no result>
|
||||
1362692527.080972 MetaHookPost CallFunction(Log::write, <frame>, (Conn::LOG, [ts=1362692526.869344, uid=CHhAvVGS1DHFjwGM9, id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], proto=tcp, service=http, duration=0.211484, orig_bytes=136, resp_bytes=5007, conn_state=SF, local_orig=<uninitialized>, local_resp=<uninitialized>, missed_bytes=0, history=ShADadFf, orig_pkts=7, orig_ip_bytes=512, resp_pkts=7, resp_ip_bytes=5379, tunnel_parents=<uninitialized>])) -> <no result>
|
||||
1362692527.080972 MetaHookPost CallFunction(bro_done, <null>, ()) -> <no result>
|
||||
1362692527.080972 MetaHookPost CallFunction(cat, <frame>, (Analyzer::ANALYZER_HTTP, 1362692526.869344, T, 1, 1, 141.142.228.5:59856 > 192.150.187.43:80)) -> <no result>
|
||||
1362692527.080972 MetaHookPost CallFunction(connection_state_remove, <null>, ([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=<uninitialized>, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=<uninitialized>, krb=<uninitialized>, modbus=<uninitialized>, mysql=<uninitialized>, ntlm=<uninitialized>, radius=<uninitialized>, rdp=<uninitialized>, rfb=<uninitialized>, sip=<uninitialized>, sip_state=<uninitialized>, snmp=<uninitialized>, smtp=<uninitialized>, smtp_state=<uninitialized>, socks=<uninitialized>, ssh=<uninitialized>, syslog=<uninitialized>])) -> <no result>
|
||||
|
|
@ -2717,8 +2849,8 @@
|
|||
1362692527.080972 MetaHookPre CallFunction(HTTP::get_file_handle, <frame>, ([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=<uninitialized>, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=<uninitialized>, krb=<uninitialized>, modbus=<uninitialized>, mysql=<uninitialized>, ntlm=<uninitialized>, radius=<uninitialized>, rdp=<uninitialized>, rfb=<uninitialized>, sip=<uninitialized>, sip_state=<uninitialized>, snmp=<uninitialized>, smtp=<uninitialized>, smtp_state=<uninitialized>, socks=<uninitialized>, ssh=<uninitialized>, syslog=<uninitialized>], T))
|
||||
1362692527.080972 MetaHookPre CallFunction(KRB::do_log, <frame>, ([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=<uninitialized>, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=<uninitialized>, krb=<uninitialized>, modbus=<uninitialized>, mysql=<uninitialized>, ntlm=<uninitialized>, radius=<uninitialized>, rdp=<uninitialized>, rfb=<uninitialized>, sip=<uninitialized>, sip_state=<uninitialized>, snmp=<uninitialized>, smtp=<uninitialized>, smtp_state=<uninitialized>, socks=<uninitialized>, ssh=<uninitialized>, syslog=<uninitialized>]))
|
||||
1362692527.080972 MetaHookPre CallFunction(KRB::fill_in_subjects, <frame>, ([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=<uninitialized>, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=<uninitialized>, krb=<uninitialized>, modbus=<uninitialized>, mysql=<uninitialized>, ntlm=<uninitialized>, radius=<uninitialized>, rdp=<uninitialized>, rfb=<uninitialized>, sip=<uninitialized>, sip_state=<uninitialized>, snmp=<uninitialized>, smtp=<uninitialized>, smtp_state=<uninitialized>, socks=<uninitialized>, ssh=<uninitialized>, syslog=<uninitialized>]))
|
||||
1362692527.080972 MetaHookPre CallFunction(Log::__write, <frame>, (Conn::LOG, [ts=1362692526.869344, uid=CHhAvVGS1DHFjwGM9, id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], proto=tcp, service=http, duration=0.211484, orig_bytes=136, resp_bytes=5007, conn_state=SF, local_orig=<uninitialized>, local_resp=<uninitialized>, missed_bytes=0, history=ShADadFf, orig_pkts=7, orig_ip_bytes=512, resp_pkts=7, resp_ip_bytes=5379, tunnel_parents={}]))
|
||||
1362692527.080972 MetaHookPre CallFunction(Log::write, <frame>, (Conn::LOG, [ts=1362692526.869344, uid=CHhAvVGS1DHFjwGM9, id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], proto=tcp, service=http, duration=0.211484, orig_bytes=136, resp_bytes=5007, conn_state=SF, local_orig=<uninitialized>, local_resp=<uninitialized>, missed_bytes=0, history=ShADadFf, orig_pkts=7, orig_ip_bytes=512, resp_pkts=7, resp_ip_bytes=5379, tunnel_parents={}]))
|
||||
1362692527.080972 MetaHookPre CallFunction(Log::__write, <frame>, (Conn::LOG, [ts=1362692526.869344, uid=CHhAvVGS1DHFjwGM9, id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], proto=tcp, service=http, duration=0.211484, orig_bytes=136, resp_bytes=5007, conn_state=SF, local_orig=<uninitialized>, local_resp=<uninitialized>, missed_bytes=0, history=ShADadFf, orig_pkts=7, orig_ip_bytes=512, resp_pkts=7, resp_ip_bytes=5379, tunnel_parents=<uninitialized>]))
|
||||
1362692527.080972 MetaHookPre CallFunction(Log::write, <frame>, (Conn::LOG, [ts=1362692526.869344, uid=CHhAvVGS1DHFjwGM9, id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], proto=tcp, service=http, duration=0.211484, orig_bytes=136, resp_bytes=5007, conn_state=SF, local_orig=<uninitialized>, local_resp=<uninitialized>, missed_bytes=0, history=ShADadFf, orig_pkts=7, orig_ip_bytes=512, resp_pkts=7, resp_ip_bytes=5379, tunnel_parents=<uninitialized>]))
|
||||
1362692527.080972 MetaHookPre CallFunction(bro_done, <null>, ())
|
||||
1362692527.080972 MetaHookPre CallFunction(cat, <frame>, (Analyzer::ANALYZER_HTTP, 1362692526.869344, T, 1, 1, 141.142.228.5:59856 > 192.150.187.43:80))
|
||||
1362692527.080972 MetaHookPre CallFunction(connection_state_remove, <null>, ([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=<uninitialized>, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=<uninitialized>, krb=<uninitialized>, modbus=<uninitialized>, mysql=<uninitialized>, ntlm=<uninitialized>, radius=<uninitialized>, rdp=<uninitialized>, rfb=<uninitialized>, sip=<uninitialized>, sip_state=<uninitialized>, snmp=<uninitialized>, smtp=<uninitialized>, smtp_state=<uninitialized>, socks=<uninitialized>, ssh=<uninitialized>, syslog=<uninitialized>]))
|
||||
|
|
@ -2751,8 +2883,8 @@
|
|||
1362692527.080972 | HookCallFunction HTTP::get_file_handle([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=<uninitialized>, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=<uninitialized>, krb=<uninitialized>, modbus=<uninitialized>, mysql=<uninitialized>, ntlm=<uninitialized>, radius=<uninitialized>, rdp=<uninitialized>, rfb=<uninitialized>, sip=<uninitialized>, sip_state=<uninitialized>, snmp=<uninitialized>, smtp=<uninitialized>, smtp_state=<uninitialized>, socks=<uninitialized>, ssh=<uninitialized>, syslog=<uninitialized>], T)
|
||||
1362692527.080972 | HookCallFunction KRB::do_log([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=<uninitialized>, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=<uninitialized>, krb=<uninitialized>, modbus=<uninitialized>, mysql=<uninitialized>, ntlm=<uninitialized>, radius=<uninitialized>, rdp=<uninitialized>, rfb=<uninitialized>, sip=<uninitialized>, sip_state=<uninitialized>, snmp=<uninitialized>, smtp=<uninitialized>, smtp_state=<uninitialized>, socks=<uninitialized>, ssh=<uninitialized>, syslog=<uninitialized>])
|
||||
1362692527.080972 | HookCallFunction KRB::fill_in_subjects([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=<uninitialized>, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=<uninitialized>, krb=<uninitialized>, modbus=<uninitialized>, mysql=<uninitialized>, ntlm=<uninitialized>, radius=<uninitialized>, rdp=<uninitialized>, rfb=<uninitialized>, sip=<uninitialized>, sip_state=<uninitialized>, snmp=<uninitialized>, smtp=<uninitialized>, smtp_state=<uninitialized>, socks=<uninitialized>, ssh=<uninitialized>, syslog=<uninitialized>])
|
||||
1362692527.080972 | HookCallFunction Log::__write(Conn::LOG, [ts=1362692526.869344, uid=CHhAvVGS1DHFjwGM9, id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], proto=tcp, service=http, duration=0.211484, orig_bytes=136, resp_bytes=5007, conn_state=SF, local_orig=<uninitialized>, local_resp=<uninitialized>, missed_bytes=0, history=ShADadFf, orig_pkts=7, orig_ip_bytes=512, resp_pkts=7, resp_ip_bytes=5379, tunnel_parents={}])
|
||||
1362692527.080972 | HookCallFunction Log::write(Conn::LOG, [ts=1362692526.869344, uid=CHhAvVGS1DHFjwGM9, id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], proto=tcp, service=http, duration=0.211484, orig_bytes=136, resp_bytes=5007, conn_state=SF, local_orig=<uninitialized>, local_resp=<uninitialized>, missed_bytes=0, history=ShADadFf, orig_pkts=7, orig_ip_bytes=512, resp_pkts=7, resp_ip_bytes=5379, tunnel_parents={}])
|
||||
1362692527.080972 | HookCallFunction Log::__write(Conn::LOG, [ts=1362692526.869344, uid=CHhAvVGS1DHFjwGM9, id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], proto=tcp, service=http, duration=0.211484, orig_bytes=136, resp_bytes=5007, conn_state=SF, local_orig=<uninitialized>, local_resp=<uninitialized>, missed_bytes=0, history=ShADadFf, orig_pkts=7, orig_ip_bytes=512, resp_pkts=7, resp_ip_bytes=5379, tunnel_parents=<uninitialized>])
|
||||
1362692527.080972 | HookCallFunction Log::write(Conn::LOG, [ts=1362692526.869344, uid=CHhAvVGS1DHFjwGM9, id=[orig_h=141.142.228.5, orig_p=59856<...>/tcp], proto=tcp, service=http, duration=0.211484, orig_bytes=136, resp_bytes=5007, conn_state=SF, local_orig=<uninitialized>, local_resp=<uninitialized>, missed_bytes=0, history=ShADadFf, orig_pkts=7, orig_ip_bytes=512, resp_pkts=7, resp_ip_bytes=5379, tunnel_parents=<uninitialized>])
|
||||
1362692527.080972 | HookCallFunction bro_done()
|
||||
1362692527.080972 | HookCallFunction cat(Analyzer::ANALYZER_HTTP, 1362692526.869344, T, 1, 1, 141.142.228.5:59856 > 192.150.187.43:80)
|
||||
1362692527.080972 | HookCallFunction connection_state_remove([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=<uninitialized>, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=<uninitialized>, krb=<uninitialized>, modbus=<uninitialized>, mysql=<uninitialized>, ntlm=<uninitialized>, radius=<uninitialized>, rdp=<uninitialized>, rfb=<uninitialized>, sip=<uninitialized>, sip_state=<uninitialized>, snmp=<uninitialized>, smtp=<uninitialized>, smtp_state=<uninitialized>, socks=<uninitialized>, ssh=<uninitialized>, syslog=<uninitialized>])
|
||||
|
|
@ -2770,7 +2902,7 @@
|
|||
1362692527.080972 | HookCallFunction to_lower(HTTP)
|
||||
1362692527.080972 | HookDrainEvents
|
||||
1362692527.080972 | HookLogInit conn 1/1 {ts (time), uid (string), id.orig_h (addr), id.orig_p (port), id.resp_h (addr), id.resp_p (port), proto (enum), service (string), duration (interval), orig_bytes (count), resp_bytes (count), conn_state (string), local_orig (bool), local_resp (bool), missed_bytes (count), history (string), orig_pkts (count), orig_ip_bytes (count), resp_pkts (count), resp_ip_bytes (count), tunnel_parents (set[string])}
|
||||
1362692527.080972 | HookLogWrite conn [ts=1362692526.869344, uid=CHhAvVGS1DHFjwGM9, id.orig_h=141.142.228.5, id.orig_p=59856, id.resp_h=192.150.187.43, id.resp_p=80, proto=tcp, service=http, duration=0.211484, orig_bytes=136, resp_bytes=5007, conn_state=SF, local_orig=<uninitialized>, local_resp=<uninitialized>, missed_bytes=0, history=ShADadFf, orig_pkts=7, orig_ip_bytes=512, resp_pkts=7, resp_ip_bytes=5379, tunnel_parents=]
|
||||
1362692527.080972 | HookLogWrite conn [ts=1362692526.869344, uid=CHhAvVGS1DHFjwGM9, id.orig_h=141.142.228.5, id.orig_p=59856, id.resp_h=192.150.187.43, id.resp_p=80, proto=tcp, service=http, duration=0.211484, orig_bytes=136, resp_bytes=5007, conn_state=SF, local_orig=<uninitialized>, local_resp=<uninitialized>, missed_bytes=0, history=ShADadFf, orig_pkts=7, orig_ip_bytes=512, resp_pkts=7, resp_ip_bytes=5379, tunnel_parents=<uninitialized>]
|
||||
1362692527.080972 | HookQueueEvent ChecksumOffloading::check()
|
||||
1362692527.080972 | HookQueueEvent bro_done()
|
||||
1362692527.080972 | HookQueueEvent connection_state_remove([id=[orig_h=141.142.228.5, orig_p=59856<...>/plain], current_entity=<uninitialized>, orig_mime_depth=1, resp_mime_depth=1], http_state=[pending={}, current_request=1, current_response=1, trans_depth=1], irc=<uninitialized>, krb=<uninitialized>, modbus=<uninitialized>, mysql=<uninitialized>, ntlm=<uninitialized>, radius=<uninitialized>, rdp=<uninitialized>, rfb=<uninitialized>, sip=<uninitialized>, sip_state=<uninitialized>, snmp=<uninitialized>, smtp=<uninitialized>, smtp_state=<uninitialized>, socks=<uninitialized>, ssh=<uninitialized>, syslog=<uninitialized>])
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue