mirror of
https://github.com/zeek/zeek.git
synced 2025-10-09 18:18:19 +00:00
f2574636b6
Conflicts: scripts/base/protocols/ftp/file-analysis.bro scripts/base/protocols/http/file-analysis.bro scripts/base/protocols/irc/file-analysis.bro scripts/base/protocols/smtp/file-analysis.bro src/file_analysis/File.cc src/file_analysis/File.h src/file_analysis/Manager.cc src/file_analysis/Manager.h testing/btest/Baseline/scripts.base.frameworks.file-analysis.logging/file_analysis.log testing/btest/Baseline/scripts.base.protocols.ftp.ftp-extract/ftp-item-0.dat testing/btest/Baseline/scripts.base.protocols.ftp.ftp-extract/ftp-item-1.dat testing/btest/Baseline/scripts.base.protocols.ftp.ftp-extract/ftp-item-2.dat testing/btest/Baseline/scripts.base.protocols.ftp.ftp-extract/ftp-item-3.dat testing/btest/Baseline/scripts.base.protocols.ftp.ftp-extract/ftp-item-BTsa70Ua9x7-1.dat testing/btest/Baseline/scripts.base.protocols.ftp.ftp-extract/ftp-item-BTsa70Ua9x7.dat testing/btest/Baseline/scripts.base.protocols.ftp.ftp-extract/ftp-item-Rqjkzoroau4-0.dat testing/btest/Baseline/scripts.base.protocols.ftp.ftp-extract/ftp-item-Rqjkzoroau4.dat testing/btest/Baseline/scripts.base.protocols.ftp.ftp-extract/ftp-item-VLQvJybrm38-2.dat testing/btest/Baseline/scripts.base.protocols.ftp.ftp-extract/ftp-item-VLQvJybrm38.dat testing/btest/Baseline/scripts.base.protocols.ftp.ftp-extract/ftp-item-zrfwSs9K1yk-3.dat testing/btest/Baseline/scripts.base.protocols.ftp.ftp-extract/ftp-item-zrfwSs9K1yk.dat testing/btest/Baseline/scripts.base.protocols.ftp.ftp-extract/ftp.log testing/btest/Baseline/scripts.base.protocols.http.http-extract-files/http-item-BFymS6bFgT3-0.dat testing/btest/Baseline/scripts.base.protocols.http.http-extract-files/http-item-BFymS6bFgT3.dat testing/btest/Baseline/scripts.base.protocols.http.http-extract-files/http-item.dat testing/btest/Baseline/scripts.base.protocols.http.http-extract-files/http.log testing/btest/Baseline/scripts.base.protocols.irc.dcc-extract/irc-dcc-item-wqKMAamJVSb-0.dat testing/btest/Baseline/scripts.base.protocols.irc.dcc-extract/irc-dcc-item-wqKMAamJVSb.dat testing/btest/Baseline/scripts.base.protocols.irc.dcc-extract/irc-dcc-item.dat testing/btest/Baseline/scripts.base.protocols.irc.dcc-extract/irc.log testing/btest/Baseline/scripts.base.protocols.smtp.mime-extract/smtp-entity-0.dat testing/btest/Baseline/scripts.base.protocols.smtp.mime-extract/smtp-entity-1.dat testing/btest/Baseline/scripts.base.protocols.smtp.mime-extract/smtp-entity-Ltd7QO7jEv3-1.dat testing/btest/Baseline/scripts.base.protocols.smtp.mime-extract/smtp-entity-Ltd7QO7jEv3.dat testing/btest/Baseline/scripts.base.protocols.smtp.mime-extract/smtp-entity-cwR7l6Zctxb-0.dat testing/btest/Baseline/scripts.base.protocols.smtp.mime-extract/smtp-entity-cwR7l6Zctxb.dat testing/btest/Baseline/scripts.base.protocols.smtp.mime-extract/smtp_entities.log testing/btest/scripts/base/protocols/ftp/ftp-extract.bro testing/btest/scripts/base/protocols/http/http-extract-files.bro testing/btest/scripts/base/protocols/irc/dcc-extract.test testing/btest/scripts/base/protocols/smtp/mime-extract.test
12 lines
693 B
Text
12 lines
693 B
Text
#separator \x09
|
|
#set_separator ,
|
|
#empty_field (empty)
|
|
#unset_field -
|
|
#path smtp_entities
|
|
#open 2013-06-07-19-32-56
|
|
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p trans_depth filename content_len mime_type md5 extraction_file excerpt
|
|
#types time string addr port addr port count string count string string string string
|
|
1254722770.692743 arKYeMETxOg 10.10.1.4 1470 74.53.140.153 25 1 - 79 text/plain - smtp-entity-mR3f2AAKo11.dat (empty)
|
|
1254722770.692743 arKYeMETxOg 10.10.1.4 1470 74.53.140.153 25 1 - 1918 text/html - - (empty)
|
|
1254722770.692804 arKYeMETxOg 10.10.1.4 1470 74.53.140.153 25 1 NEWS.txt 10823 text/plain - smtp-entity-ZNp0KBSLByc.dat (empty)
|
|
#close 2013-06-07-19-32-56
|