Mirror/zeek - git.uphillsecurity.com: We code.

989 commits 385 branches 195 tags 258 MiB

Author	SHA1	Message	Date
Seth Hall	60a305c111	Intelligence framwork updates. - Split Item into Item and QueryItem as suggested by Robin. - QueryItem now has $and_tags and $or_tags. Each acts as AND or OR for the given tags against each relevant metadata value. - 'insert' turned into a function and new insert_event created. - First use of intelligence framework in HTTP analysis.	2011-06-17 23:30:16 -04:00
Seth Hall	ae3bd76769	Reorganizing the policy scripts for clarity.	2011-06-01 10:07:53 -04:00

Author

SHA1

Message

Date

Seth Hall

60a305c111

Intelligence framwork updates.

- Split Item into Item and QueryItem as suggested by Robin.
- QueryItem now has $and_tags and $or_tags.  Each
  acts as AND or OR for the given tags against
  each relevant metadata value.
- 'insert' turned into a function and new insert_event created.
- First use of intelligence framework in HTTP analysis.

2011-06-17 23:30:16 -04:00

Seth Hall

ae3bd76769

Reorganizing the policy scripts for clarity.

2011-06-01 10:07:53 -04:00

Renamed from policy/http/detect-intel.bro (Browse further)

2 commits