zeek/scripts/base/protocols
Jon Siwek 31f60853c9 GH-646: add new "successful_connection_remove" event
And switch Zeek's base scripts over to using it in place of
"connection_state_remove".  The difference between the two is
that "connection_state_remove" is raised for all events while
"successful_connection_remove" excludes TCP connections that were never
established (just SYN packets).  There can be performance benefits
to this change for some use-cases.

There's also a new event called ``connection_successful`` and a new
``connection`` record field named "successful" to help indicate this new
property of connections.
2019-11-11 19:52:59 -08:00
conn GH-646: add new "successful_connection_remove" event 2019-11-11 19:52:59 -08:00
dce-rpc GH-646: add new "successful_connection_remove" event 2019-11-11 19:52:59 -08:00
dhcp GH-485: fix cases where DHCP log omits MAC field 2019-07-26 20:05:15 -07:00
dnp3 GH-646: add new "successful_connection_remove" event 2019-11-11 19:52:59 -08:00
dns GH-646: add new "successful_connection_remove" event 2019-11-11 19:52:59 -08:00
ftp GH-646: add new "successful_connection_remove" event 2019-11-11 19:52:59 -08:00
http GH-646: add new "successful_connection_remove" event 2019-11-11 19:52:59 -08:00
imap Merge remote-tracking branch 'origin/topic/seth/zeek_init' 2019-04-19 11:24:29 -07:00
irc GH-646: add new "successful_connection_remove" event 2019-11-11 19:52:59 -08:00
krb GH-646: add new "successful_connection_remove" event 2019-11-11 19:52:59 -08:00
modbus Merge remote-tracking branch 'origin/topic/seth/zeek_init' 2019-04-19 11:24:29 -07:00
mqtt Disable MQTT by default 2019-08-05 17:04:39 -07:00
mysql GH-646: add new "successful_connection_remove" event 2019-11-11 19:52:59 -08:00
ntlm GH-646: add new "successful_connection_remove" event 2019-11-11 19:52:59 -08:00
ntp Use explicit path name for NTP log stream 2019-10-25 10:38:58 -07:00
pop3 Rename all scripts to have ".zeek" file extension 2019-04-11 21:12:40 -05:00
radius GH-646: add new "successful_connection_remove" event 2019-11-11 19:52:59 -08:00
rdp GH-646: add new "successful_connection_remove" event 2019-11-11 19:52:59 -08:00
rfb GH-646: add new "successful_connection_remove" event 2019-11-11 19:52:59 -08:00
sip GH-646: add new "successful_connection_remove" event 2019-11-11 19:52:59 -08:00
smb Merge remote-tracking branch 'origin/topic/seth/zeek_init' 2019-04-19 11:24:29 -07:00
smtp GH-646: add new "successful_connection_remove" event 2019-11-11 19:52:59 -08:00
snmp GH-646: add new "successful_connection_remove" event 2019-11-11 19:52:59 -08:00
socks GH-646: add new "successful_connection_remove" event 2019-11-11 19:52:59 -08:00
ssh GH-646: add new "successful_connection_remove" event 2019-11-11 19:52:59 -08:00
ssl GH-646: add new "successful_connection_remove" event 2019-11-11 19:52:59 -08:00
syslog Merge remote-tracking branch 'origin/topic/seth/zeek_init' 2019-04-19 11:24:29 -07:00
tunnels Rename all scripts to have ".zeek" file extension 2019-04-11 21:12:40 -05:00
xmpp Merge remote-tracking branch 'origin/topic/seth/zeek_init' 2019-04-19 11:24:29 -07:00