mirror of
https://github.com/zeek/zeek.git
synced 2025-10-03 23:28:20 +00:00
12 lines
431 B
Text
12 lines
431 B
Text
# @TEST-EXEC: zeek -r $TRACES/smb/dssetup_DsRoleGetPrimaryDomainInformation_standalone_workstation.cap %INPUT
|
|
# @TEST-EXEC: [ ! -f dce_rpc.log ]
|
|
|
|
@load base/protocols/smb
|
|
|
|
# The DCE_RPC analyzer is a little weird since it's instantiated
|
|
# by the SMB analyzer directly in some cases. Care needs to be
|
|
# taken to handle a disabled analyzer correctly.
|
|
event zeek_init()
|
|
{
|
|
Analyzer::disable_analyzer(Analyzer::ANALYZER_DCE_RPC);
|
|
}
|