Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-03 15:18:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3
3679 commits 386 branches 195 tags 257 MiB
Commit graph

7 commits

Author SHA1 Message Date
Seth Hall
ecfac31de0 Fixed SMTP URL extraction for the Intel framework with Files updates. 2013-07-09 11:51:23 -04:00
Seth Hall
df2841458d Large overhaul in name and appearance for file analysis. 2013-07-05 02:00:14 -04:00
Jon Siwek
b8c98b8bf7 FileAnalysis: change terminology s/action/analyzer 2013-04-11 14:53:54 -05:00
Jon Siwek
a2d9b47bcd FileAnalysis: finish switching hooks to events. 2013-04-10 11:13:43 -05:00
Jon Siwek
641154f8e8 FileAnalysis: checkpoint in middle of big reorganization. 
- FileAnalysis::Info is now just a record used for logging, the fa_file
  record type is defined in init-bare.bro as the analogue to a
  connection record.

- Starting to transfer policy hook triggers and analyzer results to
  events.
 2013-04-09 15:49:58 -05:00
Jon Siwek
497496ec83 FileAnalysis: replace script-layer SMTP file analysis. 
Notable differences:

- Removed SMTP::MD5 notice.

- Removed ability to specify mime entity excerpt length per mime-type.
 2013-03-26 15:48:52 -05:00
Seth Hall
172a6345b8 Extracting URLs from message bodies over SMTP and sending them to Intel framework. 
- New utils package for URLs.

- Two functions in the URLs utils.  find_all_urls and
  find_all_urls_without_scheme.
 2012-10-31 08:46:40 -04:00