mirror of
https://github.com/zeek/zeek.git
synced 2025-10-10 10:38:20 +00:00
38ac03d558
It was mostly redundant when logged, but still can be useful to inspect at runtime. In the future, a better field for logging will be available which will be similar to the "service" field for connection records (there's not any file-format-specific analyzers that would currently make use of such a thing).
10 lines
724 B
Text
10 lines
724 B
Text
#separator \x09
|
|
#set_separator ,
|
|
#empty_field (empty)
|
|
#unset_field -
|
|
#path file_analysis
|
|
#open 2013-05-21-16-47-14
|
|
#fields id parent_id source is_orig last_active seen_bytes total_bytes missing_bytes overflow_bytes timeout_interval bof_buffer_size mime_type timedout conn_uids extracted_files md5 sha1 sha256
|
|
#types string string string bool time count count count count interval count string bool table[string] table[string] string string string
|
|
Cx92a0ym5R8 - HTTP F 1362692527.009775 4705 4705 0 0 120.000000 1024 text/plain F UWkUyAuUGXf Cx92a0ym5R8-file 397168fd09991a0e712254df7bc639ac 1dd7ac0398df6cbc0696445a91ec681facf4dc47 4e7c7ef0984119447e743e3ec77e1de52713e345cde03fe7df753a35849bed18
|
|
#close 2013-05-21-16-47-14
|