Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-07 00:58:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
zeek/src/file_analysis
History
Bernhard Amann 0d50b8b04f Change x509 log - now certificates are only logged once per hour. 
Add parsing of several more types to SAN extension.

Make error messages of x509 file analyzer more useful.

Fix file ID generation.

You apparently have to be very careful which EndOfFile function of
the file analysis framework you call... otherwhise it might try
to close another file id. This took me quite a while to find.

addresses BIT-953, BIT-760, BIT-1150
2014-03-13 00:05:48 -07:00
..
analyzer Change x509 log - now certificates are only logged once per hour. 2014-03-13 00:05:48 -07:00
Analyzer.cc Internal refactoring of how plugin components are tagged/managed. 2013-08-01 10:35:47 -05:00
Analyzer.h Factor out the need for a tag field in Files::AnalyzerArgs record. 2013-07-31 09:48:19 -05:00
AnalyzerSet.cc Add options to limit extracted file sizes w/ 100MB default. 2013-08-22 16:37:58 -05:00
AnalyzerSet.h Add options to limit extracted file sizes w/ 100MB default. 2013-08-22 16:37:58 -05:00
CMakeLists.txt Factor out the need for a tag field in Files::AnalyzerArgs record. 2013-07-31 09:48:19 -05:00
Component.cc Internal refactoring of how plugin components are tagged/managed. 2013-08-01 10:35:47 -05:00
Component.h Internal refactoring of how plugin components are tagged/managed. 2013-08-01 10:35:47 -05:00
File.cc Fix file_over_new_connection event to trigger when entire file is missed. 2014-01-24 16:47:00 -06:00
File.h Add options to limit extracted file sizes w/ 100MB default. 2013-08-22 16:37:58 -05:00
file_analysis.bif Internal refactoring of how plugin components are tagged/managed. 2013-08-01 10:35:47 -05:00
FileTimer.cc Internal refactoring of how plugin components are tagged/managed. 2013-08-01 10:35:47 -05:00
FileTimer.h Improve file analysis doxygen comments. 2013-05-23 10:22:49 -05:00
Manager.cc Merge remote-tracking branch 'origin/topic/jsiwek/http-file-id-caching' 2014-01-31 08:41:31 -08:00
Manager.h Change x509 log - now certificates are only logged once per hour. 2014-03-13 00:05:48 -07:00
Tag.cc Add a distinct tag class for file analyzers. 2013-07-30 15:19:48 -05:00
Tag.h Internal refactoring of how plugin components are tagged/managed. 2013-08-01 10:35:47 -05:00