Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-01 22:28:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Allow for multiple generic packet thresholds

Browse source 
Co-authored-by: Arne Welzel <arne.welzel@corelight.com>
This commit is contained in:
Jan Grashoefer 2025-07-04 14:33:28 +02:00
parent d8ee27bdcc
commit e6d8c3b072
9 changed files with 94 additions and 55 deletions
Download patch file Download diff file Expand all files Collapse all files

4
scripts/base/init-bare.zeek
View file

@ -6374,11 +6374,11 @@ module ConnThreshold;
export {
## Number of packets required to be observed on any IP-based session to
## trigger :zeek:id:`conn_generic_packet_threshold_crossed`. Note that the
## threshold refers to the total number of packets transferred in both
## thresholds refers to the total number of packets transferred in both
## directions.
##
## .. zeek:see:: conn_generic_packet_threshold_crossed
const generic_packet_threshold = 5 &redef;
const generic_packet_thresholds: set[count] = {} &redef;
}
module GLOBAL;