mirror of
https://github.com/zeek/zeek.git
synced 2025-10-06 00:28:21 +00:00

* 'ntp-rewrite' of https://github.com/mauropalumbo75/zeek: (25 commits)
  update tests baseline
  Apply requested changes: - file dpd.sig and TODO comments for signature protocol detection removed - missing doc field filled in events.bif - rename OpCode and ReqCode fields into op_code and req_code respectively - removed unnecessary child method in NTP.h/.cc - main.zeek and ntp-protocol.pac reformatted
  minor changes in the documentation
  fix some initializations
  fix wrong assignment of control key_id/crypto_checksum
  code clean up
  add extension fields parsing
  add extended mac field with 20 byte digest (+4 byte key id)
  update tests and add a new one for key_id and mac
  fix auth field (key_id and mac) in standard and control msg
  remove old NTP record in init-bare.zeek
  fix key_id and digest (WIP)
  fix wrong Assign with reference_id
  add tests for ntp protocol (finished)
  add tests for ntp protocol (WIP)
  fix problem with time vals
  add ntp records to init-bare.zeek
  update ntp analyzer to val_mgr
  extend and refact script-side of NTP analyzer
  extend and refactor several fields
  ...
12 lines
357 B
Text
#separator \x09
#set_separator ,
#empty_field (empty)
#unset_field -
#path known_services
#open 2019-06-15-23-44-01
#fields ts host port_num port_proto service
#types time addr port enum set[string]
1308930716.462556 74.125.225.81 80 tcp HTTP
1308930726.889624 141.142.192.39 22 tcp SSH
1308930727.236071 69.50.219.51 123 udp NTP
#close 2019-06-15-23-44-01