Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-10 10:38:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3
No description
862 commits 390 branches 195 tags 268 MiB
Find a file
Seth Hall c5f683ee47 Notices actions are now accumulative. 
- New log file for auditing the notice policy to
  see at a specific point in time what the fully
  ordered (by priority) notice policy was.
- New notice action "ACTION_STOP" to stop processing
  the notice policy.  This is essentially how the old
  IGNORE action can be done with the accumulative
  notices actions.  It just needs to be set as the
  $result at an at an appropriately high priority.
- No longer using the "match" statement as it didn't
  provide the flexibility to implement accumulative
  notice actions.  The functionality is now implemented
  completely in script-land.
- Beginning removal of action-filters script.
  Still need to come up with a way to implement
  some of the functionality of that script.
- Small documentation updates.
2011-06-24 13:35:48 -04:00
aux Updating submodule(s). 2011-06-14 21:16:01 -07:00
cmake Changes to allow DEB packaging via CPack, addresses #458 2011-05-16 13:51:32 -05:00
doc Doc tweaks for new conn/contents.bro 2011-05-25 15:34:57 -05:00
pkg Packaging tweaks and rewrite of 'dist' target. 2011-05-20 17:08:59 -05:00
policy Notices actions are now accumulative. 2011-06-24 13:35:48 -04:00
policy.old Merge remote branch 'origin/master' into topic/policy-scripts-new 2011-06-14 13:02:19 -04:00
src Merge remote branch 'origin/master' into topic/policy-scripts-new 2011-06-16 22:02:09 -04:00
testing Merge remote branch 'origin/master' into topic/policy-scripts-new 2011-06-16 22:02:09 -04:00
.gitignore New Makefile wrapper in top-level directory. 2010-11-26 15:31:00 -08:00
.gitmodules New submodule location. 2011-03-11 18:33:44 -08:00
bro-path-dev.in Reorganizing the policy scripts for clarity. 2011-06-01 10:07:53 -04:00
CHANGES Merge remote branch 'origin/topic/robin/conn-ids' 2011-04-22 22:13:44 -07:00
Checklist-for-Release Cleanup of the Bro distribution. 2010-11-26 13:45:54 -08:00
CMakeLists.txt Merge branch 'master' into topic/jsiwek/doc-framework 2011-04-07 16:44:29 -05:00
config.h.in Fix unnecessary config.h preprocessor (re)definitions. 2011-04-11 16:59:07 -05:00
configure Changes to the way user-modifiable config files are installed. 2011-02-24 22:02:22 -06:00
COPYING Cleanup of the Bro distribution. 2010-11-26 13:45:54 -08:00
INSTALL Add explicit CMake check for compiler 2011-03-09 11:48:00 -06:00
Makefile Packaging tweaks and rewrite of 'dist' target. 2011-05-20 17:08:59 -05:00
README Cleanup of the Bro distribution. 2010-11-26 13:45:54 -08:00
VERSION Merge remote branch 'origin/topic/robin/conn-ids' 2011-04-22 22:13:44 -07:00

README 

This is release 1.6 of Bro, a system for detecting network intruders in
real-time using passive network monitoring.

Please see the file INSTALL for installation instructions and
pointers for getting started. For more documentation, see the
documentation on Bro's home page:

    http://www.bro-ids.org/docs

The main parts of Bro's documentation are also available in the doc/
directory of the distribution. (Please note that the documentation
is still a work in progress; there will be more in future releases.)

Numerous other Bro-related publications, including a paper describing the
system, can be found at

    http://www.bro-ids.org/publications.html

Send comments, etc., to the Bro mailing list, bro@bro-ids.org.
However, please note that you must first subscribe to the list in
order to be able to post to it.

- Vern Paxson & Robin Sommer, on behalf of the Bro development team

Lawrence Berkeley National Laboratory
University of California, Berkeley  USA

ICSI Center for Internet Research (ICIR)
International Computer Science Institute
Berkeley, CA  USA
vern@icir.org / robin@icir.org