Ryan Victory
63d99595fe
Modified the DNS protocol analyzer to add a new parameter to the dns_request event which includes the DNS query in its original case. Added a policy script that will add the original_case to the dns.log file as well. Created new btests to test both.
2020-06-17 10:13:04 -05:00
Jon Siwek
aeef4bf030
Merge branch 'topic/jgras/dpd-late-match' of https://github.com/J-Gras/zeek
* 'topic/jgras/dpd-late-match' of https://github.com/J-Gras/zeek:
Improve dpd_late_match event generation.
Improve logging of speculative service.
Update test-all-policy script.
Add speculative service script.
Allow to handle late DPD matches.
2019-09-17 11:17:41 -07:00
Jan Grashoefer
a810365f0e
Update test-all-policy script.
2019-08-30 11:30:33 +02:00
Johanna Amann
0f96a9dedf
Disable MQTT by default
To enable MQTT, one has to load policy/scripts/mqtt. Like with smb in
2.5, the consts are loaded by default.
2019-08-05 17:04:39 -07:00
Jon Siwek
b5050437fa
GH-379: move catch-and-release and unified2 scripts to policy/
These are no longer loaded by default due to the performance impact they
cause simply by being loaded (they have event handlers for commonly
generated events) and they aren't generally useful enough to justify it.
2019-06-05 13:33:45 -07:00
Daniel Thayer
be182aac83
More bro-to-zeek renaming in scripts and other files
2019-05-16 02:36:41 -05:00
Jon Siwek
f2f06d66c0
Remove previously deprecated policy/protocols/smb/__load__
2019-05-02 20:50:30 -07:00
Johanna Amann
5d44735209
Remove deprecated functions/events
This commit removed functions/events that have been deprecated in Bro
2.6. It also removes the detection code that checks if the old
communication framework is used (since all the functions that are
checked were removed).
Addresses parts of GH-243
2019-05-02 12:06:39 -07:00
Daniel Thayer
18bd74454b
Rename all scripts to have ".zeek" file extension
2019-04-11 21:12:40 -05:00