mirror of
https://github.com/zeek/zeek.git
synced 2025-10-02 22:58:20 +00:00
Merge remote-tracking branch 'origin/topic/vladg/mysql'
* origin/topic/vladg/mysql: Update baselines. Fix a logic bug with handling quits after the cleanup. Integrate MySQL with the software framework A bit of MySQL cleanup - removed unused events, consolidated similar events, fixed up main.bro a bit Move MySQL analyzer to the new plugin architecture. Add a btest for the Wireshark sample MySQL PCAP Add support for more commands, and support quit Redo the response handling.. Whitespace/readability fixes. Add memleak and auth btests. Update baselines. Get MySQL to compile and add basic v9 support. MySQL analyzer
This commit is contained in:
Robin Sommer
commit
e8e81043a1
37 changed files with 1390 additions and 348 deletions
20
scripts/policy/protocols/mysql/software.bro
Normal file
20
scripts/policy/protocols/mysql/software.bro
Normal file
|
|
@ -0,0 +1,20 @@
|
|||
##! Software identification and extraction for MySQL traffic.
|
||||
|
||||
@load base/frameworks/software
|
||||
|
||||
module MySQL;
|
||||
|
||||
export {
|
||||
redef enum Software::Type += {
|
||||
## Identifier for MySQL servers in the software framework.
|
||||
SERVER,
|
||||
};
|
||||
}
|
||||
|
||||
event mysql_server_version(c: connection, ver: string)
|
||||
{
|
||||
if ( ver == "" )
|
||||
return;
|
||||
|
||||
Software::found(c$id, [$unparsed_version=ver, $host=c$id$resp_h, $software_type=SERVER]);
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue