Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 06:38:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
zeek/scripts/base/frameworks/analyzer
History
Johanna Amann 2f712c3c24 Allow to track service violations in conn.log. 
This introduces ian options, DPD::track_removed_services_in_connection.
It adds failed services to the services column, prefixed with a
"-".

Alternatively, this commit also adds
policy/protocols/conn/failed-services.zeek, which provides the same
information in a new column in conn.log.
2025-01-30 16:59:44 +00:00
..
__load__.zeek analyzer: Add analyzer.log for logging violations/confirmations 2023-01-09 18:11:49 +01:00
dpd.zeek Allow to track service violations in conn.log. 2025-01-30 16:59:44 +00:00
logging.zeek DPD: change handling of pre-confirmation violations, remove max_violations 2025-01-30 16:59:44 +00:00
main.zeek Document get_tag to ensure that name exists 2024-12-18 16:13:13 -05:00
README More bro-to-zeek renaming in scripts and other files 2019-05-16 02:36:41 -05:00

README 

The analyzer framework allows to dynamically enable or disable Zeek's
protocol analyzers, as well as to manage the well-known ports which
automatically activate a particular analyzer for new connections.