mirror of
https://github.com/zeek/zeek.git
synced 2025-10-02 14:48:21 +00:00

This supports parsing of SNMPv1 (RFC 1157), SNMPv2 (RFC 1901/3416), and SNMPv2 (RFC 3412). An event is raised for each SNMP PDU type, though there are not currently any event handlers for them and not a default snmp.log either. However, simple presence of SNMP is currently visible now in the conn.log service field and known_services.log.
15 lines
243 B
Text
##! Enables analysis of SNMP datagrams.

module SNMP;

export {
}

const ports = { 161/udp, 162/udp };

redef likely_server_ports += { ports };

event bro_init() &priority=5
	{
	Analyzer::register_for_ports(Analyzer::ANALYZER_SNMP, ports);
	}