mirror of
https://github.com/zeek/zeek.git
synced 2025-10-09 10:08:20 +00:00
f2574636b6
Conflicts: scripts/base/protocols/ftp/file-analysis.bro scripts/base/protocols/http/file-analysis.bro scripts/base/protocols/irc/file-analysis.bro scripts/base/protocols/smtp/file-analysis.bro src/file_analysis/File.cc src/file_analysis/File.h src/file_analysis/Manager.cc src/file_analysis/Manager.h testing/btest/Baseline/scripts.base.frameworks.file-analysis.logging/file_analysis.log testing/btest/Baseline/scripts.base.protocols.ftp.ftp-extract/ftp-item-0.dat testing/btest/Baseline/scripts.base.protocols.ftp.ftp-extract/ftp-item-1.dat testing/btest/Baseline/scripts.base.protocols.ftp.ftp-extract/ftp-item-2.dat testing/btest/Baseline/scripts.base.protocols.ftp.ftp-extract/ftp-item-3.dat testing/btest/Baseline/scripts.base.protocols.ftp.ftp-extract/ftp-item-BTsa70Ua9x7-1.dat testing/btest/Baseline/scripts.base.protocols.ftp.ftp-extract/ftp-item-BTsa70Ua9x7.dat testing/btest/Baseline/scripts.base.protocols.ftp.ftp-extract/ftp-item-Rqjkzoroau4-0.dat testing/btest/Baseline/scripts.base.protocols.ftp.ftp-extract/ftp-item-Rqjkzoroau4.dat testing/btest/Baseline/scripts.base.protocols.ftp.ftp-extract/ftp-item-VLQvJybrm38-2.dat testing/btest/Baseline/scripts.base.protocols.ftp.ftp-extract/ftp-item-VLQvJybrm38.dat testing/btest/Baseline/scripts.base.protocols.ftp.ftp-extract/ftp-item-zrfwSs9K1yk-3.dat testing/btest/Baseline/scripts.base.protocols.ftp.ftp-extract/ftp-item-zrfwSs9K1yk.dat testing/btest/Baseline/scripts.base.protocols.ftp.ftp-extract/ftp.log testing/btest/Baseline/scripts.base.protocols.http.http-extract-files/http-item-BFymS6bFgT3-0.dat testing/btest/Baseline/scripts.base.protocols.http.http-extract-files/http-item-BFymS6bFgT3.dat testing/btest/Baseline/scripts.base.protocols.http.http-extract-files/http-item.dat testing/btest/Baseline/scripts.base.protocols.http.http-extract-files/http.log testing/btest/Baseline/scripts.base.protocols.irc.dcc-extract/irc-dcc-item-wqKMAamJVSb-0.dat testing/btest/Baseline/scripts.base.protocols.irc.dcc-extract/irc-dcc-item-wqKMAamJVSb.dat testing/btest/Baseline/scripts.base.protocols.irc.dcc-extract/irc-dcc-item.dat testing/btest/Baseline/scripts.base.protocols.irc.dcc-extract/irc.log testing/btest/Baseline/scripts.base.protocols.smtp.mime-extract/smtp-entity-0.dat testing/btest/Baseline/scripts.base.protocols.smtp.mime-extract/smtp-entity-1.dat testing/btest/Baseline/scripts.base.protocols.smtp.mime-extract/smtp-entity-Ltd7QO7jEv3-1.dat testing/btest/Baseline/scripts.base.protocols.smtp.mime-extract/smtp-entity-Ltd7QO7jEv3.dat testing/btest/Baseline/scripts.base.protocols.smtp.mime-extract/smtp-entity-cwR7l6Zctxb-0.dat testing/btest/Baseline/scripts.base.protocols.smtp.mime-extract/smtp-entity-cwR7l6Zctxb.dat testing/btest/Baseline/scripts.base.protocols.smtp.mime-extract/smtp_entities.log testing/btest/scripts/base/protocols/ftp/ftp-extract.bro testing/btest/scripts/base/protocols/http/http-extract-files.bro testing/btest/scripts/base/protocols/irc/dcc-extract.test testing/btest/scripts/base/protocols/smtp/mime-extract.test
20 lines
433 B
Text
20 lines
433 B
Text
FILE_NEW
|
|
file #0, 0, 0
|
|
MIME_TYPE
|
|
application/x-dosexec
|
|
FILE_STATE_REMOVE
|
|
file #0, 1022920, 0
|
|
[orig_h=192.168.72.14, orig_p=3254/tcp, resp_h=65.54.95.206, resp_p=80/tcp]
|
|
total bytes: 1022920
|
|
source: HTTP
|
|
FILE_NEW
|
|
file #1, 0, 0
|
|
MIME_TYPE
|
|
application/octet-stream
|
|
FILE_TIMEOUT
|
|
FILE_TIMEOUT
|
|
FILE_STATE_REMOVE
|
|
file #1, 206024, 0
|
|
[orig_h=192.168.72.14, orig_p=3257/tcp, resp_h=65.54.95.14, resp_p=80/tcp]
|
|
total bytes: 1022920
|
|
source: HTTP
|