Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 06:38:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

update scripts loaded by default in local.bro.

Browse source 
We now load stats and capture-loss by default. Traceroute is disabled by
default because it can cause a lot of message load.
This commit is contained in:
Johanna Amann 2016-08-10 08:57:22 -07:00
parent cdb27a953d
commit ba825e8910
1 changed files with 10 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

12
scripts/site/local.bro
View file

@ -8,11 +8,19 @@
# Apply the default tuning scripts for common tuning settings. # Apply the default tuning scripts for common tuning settings.
@load tuning/defaults @load tuning/defaults
# Estimate and log capture loss.
@load misc/capture-loss
# Enable logging of memory, packet and lag statistics.
@load misc/stats
# Load the scan detection script. # Load the scan detection script.
@load misc/scan @load misc/scan
# Detect traceroute being run on the network. # Detect traceroute being run on the network. This could possibly cause
@load misc/detect-traceroute # performance trouble when there are a lot of traceroutes on your network.
# Enable cautiously.
#@load misc/detect-traceroute
# Generate notices when vulnerable versions of software are discovered. # Generate notices when vulnerable versions of software are discovered.
# The default is to only monitor software found in the address space defined # The default is to only monitor software found in the address space defined