Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 06:38:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
zeek/testing/btest/Baseline/scripts.base.frameworks.logging.dataseries.options/ssh.ds.xml
Robin Sommer fabe891d4f Fixing pack_scale and time-as-int. 
Also removing now unneccessary canonifier script, and updating test
baselines.
2012-05-14 22:04:57 -07:00

16 lines
688 B
XML
Raw Blame History

<ExtentType name="ssh" version="1.0" namespace="bro-ids.org">
<field type="double" name="t" pack_relative="t" pack_scale="1e-6" print_format="%.6f" pack_scale_warn="no"/>
<field type="variable32" name="id.orig_h" pack_unique="yes"/>
<field type="int64" name="id.orig_p" />
<field type="variable32" name="id.resp_h" pack_unique="yes"/>
<field type="int64" name="id.resp_p" />
<field type="variable32" name="status" pack_unique="yes"/>
<field type="variable32" name="country" pack_unique="yes"/>
</ExtentType>
<!-- t : time -->
<!-- id.orig_h : addr -->
<!-- id.orig_p : port -->
<!-- id.resp_h : addr -->
<!-- id.resp_p : port -->
<!-- status : string -->
<!-- country : string -->
Reference in a new issue View git blame Copy permalink