mirror of
https://github.com/zeek/zeek.git
synced 2025-10-02 06:38:20 +00:00
6a6cc7f551
The initial (prefix) and final (suffix) strings are specified individually with a variable number of "any" matches that can occur between these. The previous implementation assumed a single string and rendered it as *<string>*. Reported and PCAP provided by @martinvanhensbergen, thanks! Closes zeek/spicy-ldap#27
11 lines
661 B
Text
11 lines
661 B
Text
### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63.
|
|
#separator \x09
|
|
#set_separator ,
|
|
#empty_field (empty)
|
|
#unset_field -
|
|
#path ldap_search
|
|
#open XXXX-XX-XX-XX-XX-XX
|
|
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p message_id scope deref_aliases base_object result_count result diagnostic_message filter attributes
|
|
#types time string addr port addr port int string string string count string string string vector[string]
|
|
XXXXXXXXXX.XXXXXX CHhAvVGS1DHFjwGM9 192.168.10.152 34581 192.168.10.186 389 6 tree always DC=matrix,DC=local 0 - - (gPCUserExtensionNames=[*]) -
|
|
#close XXXX-XX-XX-XX-XX-XX
|