Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-07 00:58:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
6725 commits 387 branches 195 tags 259 MiB
Commit graph

4 commits

Author SHA1 Message Date
Jan Grashoefer
df5d9adfb4 Fixed insertion of nested subnets. 
When inserting, existance of the given subnet is checked using exact
matching instead of longest prefix matching. Before, inserting a subnet
would have updated the subnet item, which is the longest prefix of the
inserted subnet, if present.
 2016-06-22 21:14:06 +02:00
Jan Grashoefer
1412de1798 Refactored FAF integration of intel framework. 
File Analysis Framework related code has been moved into a separate
script. Using redefinitions of the corresponding records causes the
file-related columns to appear last.
 2016-06-15 21:56:53 +02:00
Jan Grashoefer
859eb5eac7 Merge branch 'master' into topic/jgras/intel-update 2016-05-11 18:59:58 +02:00
Jan Grashoefer
cafae5351b Added support for subnets to intel-framework. 
The intel-framework now supports the new indicator type Intel::SUBNET.
As subnets are matched against seen addresses, the field matched was
introduced to indicate which indicator types caused the hit. A testcase
for subents was added and the old ones have been updated accordingly.
 2016-03-22 19:16:51 +01:00