mirror of
https://github.com/zeek/zeek.git
synced 2025-10-03 07:08:19 +00:00
ded98cd373
This is based on commit 2731def9159247e6da8a3191783c89683363689c from the zeek-docs repo.
305 lines
8.6 KiB
ReStructuredText
305 lines
8.6 KiB
ReStructuredText
:tocdepth: 3
|
|
|
|
base/protocols/redis/spicy-events.zeek
|
|
======================================
|
|
.. zeek:namespace:: Redis
|
|
|
|
Events and records generated by the Redis analyzer.
|
|
|
|
:Namespace: Redis
|
|
|
|
Summary
|
|
~~~~~~~
|
|
Types
|
|
#####
|
|
===================================================== ========================================
|
|
:zeek:type:`Redis::AuthCommand`: :zeek:type:`record` The Redis AUTH command.
|
|
:zeek:type:`Redis::Command`: :zeek:type:`record` A generic Redis command from the client.
|
|
:zeek:type:`Redis::HelloCommand`: :zeek:type:`record` The Redis HELLO command (handshake).
|
|
:zeek:type:`Redis::ReplyData`: :zeek:type:`record` A generic Redis reply from the client.
|
|
:zeek:type:`Redis::SetCommand`: :zeek:type:`record` The Redis SET command.
|
|
===================================================== ========================================
|
|
|
|
Events
|
|
######
|
|
=================================================== =======================================================================
|
|
:zeek:id:`Redis::auth_command`: :zeek:type:`event` Generated for Redis AUTH commands sent to the Redis server.
|
|
:zeek:id:`Redis::command`: :zeek:type:`event` Generated for every command sent by the client to the Redis server.
|
|
:zeek:id:`Redis::error`: :zeek:type:`event` Generated for every error response sent by the Redis server to the
|
|
client.
|
|
:zeek:id:`Redis::get_command`: :zeek:type:`event` Generated for Redis GET commands sent to the Redis server.
|
|
:zeek:id:`Redis::hello_command`: :zeek:type:`event` Generated for Redis HELLO commands sent to the Redis server.
|
|
:zeek:id:`Redis::reply`: :zeek:type:`event` Generated for every successful response sent by the Redis server to the
|
|
client.
|
|
:zeek:id:`Redis::server_push`: :zeek:type:`event` Generated for out-of-band data, outside of the request-response
|
|
model.
|
|
:zeek:id:`Redis::set_command`: :zeek:type:`event` Generated for Redis SET commands sent to the Redis server.
|
|
=================================================== =======================================================================
|
|
|
|
|
|
Detailed Interface
|
|
~~~~~~~~~~~~~~~~~~
|
|
Types
|
|
#####
|
|
.. zeek:type:: Redis::AuthCommand
|
|
:source-code: base/protocols/redis/spicy-events.zeek 33 38
|
|
|
|
:Type: :zeek:type:`record`
|
|
|
|
|
|
.. zeek:field:: username :zeek:type:`string` :zeek:attr:`&optional`
|
|
|
|
The username getting authenticated.
|
|
|
|
|
|
.. zeek:field:: password :zeek:type:`string`
|
|
|
|
The password authenticated with.
|
|
|
|
|
|
The Redis AUTH command.
|
|
|
|
.. zeek:type:: Redis::Command
|
|
:source-code: base/protocols/redis/spicy-events.zeek 47 59
|
|
|
|
:Type: :zeek:type:`record`
|
|
|
|
|
|
.. zeek:field:: raw :zeek:type:`vector` of :zeek:type:`string`
|
|
|
|
The raw command, exactly as parsed
|
|
|
|
|
|
.. zeek:field:: name :zeek:type:`string` :zeek:attr:`&log`
|
|
|
|
The first element of the command. Some commands are two strings, meaning
|
|
this is inaccurate for those cases.
|
|
|
|
|
|
.. zeek:field:: key :zeek:type:`string` :zeek:attr:`&log` :zeek:attr:`&optional`
|
|
|
|
The key, if this command is known to have a key
|
|
|
|
|
|
.. zeek:field:: value :zeek:type:`string` :zeek:attr:`&log` :zeek:attr:`&optional`
|
|
|
|
The value, if this command is known to have a value
|
|
|
|
|
|
.. zeek:field:: known :zeek:type:`Redis::RedisCommand` :zeek:attr:`&optional`
|
|
|
|
The command in an enum if it was known
|
|
|
|
|
|
A generic Redis command from the client.
|
|
|
|
.. zeek:type:: Redis::HelloCommand
|
|
:source-code: base/protocols/redis/spicy-events.zeek 41 44
|
|
|
|
:Type: :zeek:type:`record`
|
|
|
|
|
|
.. zeek:field:: requested_resp_version :zeek:type:`string` :zeek:attr:`&optional`
|
|
|
|
The sent requested RESP version, such as "2" or "3"
|
|
|
|
|
|
The Redis HELLO command (handshake).
|
|
|
|
.. zeek:type:: Redis::ReplyData
|
|
:source-code: base/protocols/redis/spicy-events.zeek 62 69
|
|
|
|
:Type: :zeek:type:`record`
|
|
|
|
|
|
.. zeek:field:: attributes :zeek:type:`string` :zeek:attr:`&optional`
|
|
|
|
The RESP3 attributes applied to this, if any
|
|
|
|
|
|
.. zeek:field:: value :zeek:type:`string` :zeek:attr:`&log`
|
|
|
|
The string version of the reply data
|
|
|
|
|
|
.. zeek:field:: min_protocol_version :zeek:type:`count`
|
|
|
|
The minimum RESP version that supports this reply type
|
|
|
|
|
|
A generic Redis reply from the client.
|
|
|
|
.. zeek:type:: Redis::SetCommand
|
|
:source-code: base/protocols/redis/spicy-events.zeek 7 30
|
|
|
|
:Type: :zeek:type:`record`
|
|
|
|
|
|
.. zeek:field:: key :zeek:type:`string` :zeek:attr:`&log`
|
|
|
|
The key the SET command is setting.
|
|
|
|
|
|
.. zeek:field:: value :zeek:type:`string` :zeek:attr:`&log`
|
|
|
|
The value the SET command is setting key to.
|
|
|
|
|
|
.. zeek:field:: nx :zeek:type:`bool`
|
|
|
|
If NX is set -- only set the key if it does not exist.
|
|
|
|
|
|
.. zeek:field:: xx :zeek:type:`bool`
|
|
|
|
If XX is set -- only set the key if it already exists.
|
|
|
|
|
|
.. zeek:field:: get :zeek:type:`bool`
|
|
|
|
If GET is set -- return the old string stored at key.
|
|
|
|
|
|
.. zeek:field:: ex :zeek:type:`count` :zeek:attr:`&optional`
|
|
|
|
EX option -- set the specified expire time, in seconds.
|
|
|
|
|
|
.. zeek:field:: px :zeek:type:`count` :zeek:attr:`&optional`
|
|
|
|
PX option -- set the specified expire time, in milliseconds.
|
|
|
|
|
|
.. zeek:field:: exat :zeek:type:`count` :zeek:attr:`&optional`
|
|
|
|
EXAT option-- set the specified Unix time at which the key will
|
|
expire, in seconds.
|
|
|
|
|
|
.. zeek:field:: pxat :zeek:type:`count` :zeek:attr:`&optional`
|
|
|
|
PXAT option -- set the specified Unix time at which the key will
|
|
expire, in milliseconds.
|
|
|
|
|
|
.. zeek:field:: keep_ttl :zeek:type:`bool`
|
|
|
|
If KEEPTTL is set -- retain the time to live associated with the key.
|
|
|
|
|
|
The Redis SET command.
|
|
|
|
Events
|
|
######
|
|
.. zeek:id:: Redis::auth_command
|
|
:source-code: base/protocols/redis/spicy-events.zeek 91 91
|
|
|
|
:Type: :zeek:type:`event` (c: :zeek:type:`connection`, command: :zeek:type:`Redis::AuthCommand`)
|
|
|
|
Generated for Redis AUTH commands sent to the Redis server.
|
|
|
|
|
|
:param c: The connection.
|
|
|
|
|
|
:param command: The AUTH command sent to the server and its data.
|
|
|
|
.. zeek:id:: Redis::command
|
|
:source-code: base/protocols/redis/main.zeek 159 238
|
|
|
|
:Type: :zeek:type:`event` (c: :zeek:type:`connection`, cmd: :zeek:type:`Redis::Command`)
|
|
|
|
Generated for every command sent by the client to the Redis server.
|
|
|
|
|
|
:param c: The connection.
|
|
|
|
|
|
:param cmd: The command sent to the server.
|
|
|
|
.. zeek:id:: Redis::error
|
|
:source-code: base/protocols/redis/main.zeek 325 337
|
|
|
|
:Type: :zeek:type:`event` (c: :zeek:type:`connection`, data: :zeek:type:`Redis::ReplyData`)
|
|
|
|
Generated for every error response sent by the Redis server to the
|
|
client.
|
|
|
|
|
|
:param c: The connection.
|
|
|
|
|
|
:param data: The server data sent to the client.
|
|
|
|
.. zeek:id:: Redis::get_command
|
|
:source-code: base/protocols/redis/spicy-events.zeek 84 84
|
|
|
|
:Type: :zeek:type:`event` (c: :zeek:type:`connection`, key: :zeek:type:`string`)
|
|
|
|
Generated for Redis GET commands sent to the Redis server.
|
|
|
|
|
|
:param c: The connection.
|
|
|
|
|
|
:param command: The GET command sent to the server and its data.
|
|
|
|
.. zeek:id:: Redis::hello_command
|
|
:source-code: base/protocols/redis/main.zeek 150 157
|
|
|
|
:Type: :zeek:type:`event` (c: :zeek:type:`connection`, command: :zeek:type:`Redis::HelloCommand`)
|
|
|
|
Generated for Redis HELLO commands sent to the Redis server.
|
|
|
|
|
|
:param c: The connection.
|
|
|
|
|
|
:param command: The HELLO command sent to the server and its data.
|
|
|
|
.. zeek:id:: Redis::reply
|
|
:source-code: base/protocols/redis/main.zeek 294 323
|
|
|
|
:Type: :zeek:type:`event` (c: :zeek:type:`connection`, data: :zeek:type:`Redis::ReplyData`)
|
|
|
|
Generated for every successful response sent by the Redis server to the
|
|
client. For RESP2, this includes "push" messages, which are out of band.
|
|
These will also raise a server_push event. RESP3 push messages will only
|
|
raise a server_push event.
|
|
|
|
|
|
:param c: The connection.
|
|
|
|
|
|
:param data: The server data sent to the client.
|
|
|
|
.. zeek:see:: Redis::server_push
|
|
|
|
.. zeek:id:: Redis::server_push
|
|
:source-code: base/protocols/redis/spicy-events.zeek 133 133
|
|
|
|
:Type: :zeek:type:`event` (c: :zeek:type:`connection`, data: :zeek:type:`Redis::ReplyData`)
|
|
|
|
Generated for out-of-band data, outside of the request-response
|
|
model.
|
|
|
|
|
|
:param c: The connection.
|
|
|
|
|
|
:param data: The server data sent to the client.
|
|
|
|
.. zeek:id:: Redis::set_command
|
|
:source-code: base/protocols/redis/spicy-events.zeek 77 77
|
|
|
|
:Type: :zeek:type:`event` (c: :zeek:type:`connection`, command: :zeek:type:`Redis::SetCommand`)
|
|
|
|
Generated for Redis SET commands sent to the Redis server.
|
|
|
|
|
|
:param c: The connection.
|
|
|
|
|
|
:param command: The SET command sent to the server and its data.
|
|
|
|
|