mirror of
https://github.com/zeek/zeek.git
synced 2025-10-02 06:38:20 +00:00
04a1ead978
As initial examples, this branch ports the Syslog and Finger analyzers over. We leave the old analyzers in place for now and activate them iff we compile without any Spicy. Needs `zeek-spicy-infra` branches in `spicy/`, `spicy-plugin/`, `CMake/`, and `zeek/zeek-testing-private`. Note that the analyzer events remain associated with the Spicy plugin for now: that's where they will show up with `-NN`, and also inside the Zeekygen documentation. We switch CMake over to linking the runtime library into the plugin, vs. at the top-level through object libraries.
33 lines
915 B
Text
33 lines
915 B
Text
##! Events generated by the Finger analyzer.
|
|
|
|
@ifdef ( Spicy::available ) # must not be used with legacy analyzer
|
|
|
|
## Generated for Finger requests.
|
|
##
|
|
## See `Wikipedia <http://en.wikipedia.org/wiki/Finger_protocol>`__ for more
|
|
## information about the Finger protocol.
|
|
##
|
|
## c: The connection.
|
|
##
|
|
## full: True if verbose information is requested (``/W`` switch).
|
|
##
|
|
## username: The request's user name.
|
|
##
|
|
## hostname: The request's host name.
|
|
##
|
|
## .. zeek:see:: finger_reply
|
|
global finger_request: event(c: connection, full: bool, username: string, hostname: string);
|
|
|
|
## Generated for Finger replies.
|
|
##
|
|
## See `Wikipedia <http://en.wikipedia.org/wiki/Finger_protocol>`__ for more
|
|
## information about the Finger protocol.
|
|
##
|
|
## c: The connection.
|
|
##
|
|
## reply_line: The reply as returned by the server
|
|
##
|
|
## .. zeek:see:: finger_request
|
|
global finger_reply: event(c: connection, reply_line: string);
|
|
|
|
@endif
|