zeek/scripts/base/frameworks/notice at df99f87dbf2a55d20ef80caadb3a17bc8cfe2f21 - Mirror/zeek

mirror of https://github.com/zeek/zeek.git synced 2025-10-04 15:48:19 +00:00

History

Bernhard Amann 4ae52d9e1c Support parsing of several TLS extensions. At the moment, we have support for: elliptic_curves: client supported elliptic curves ec_point_formats: list of client supported EC point formats application_layer_protocol_negotiation: list of supported application layer protocols (used for spdy/http2 negotiation) server_name: server name sent by client. This was supported before, but... a bit brittle.		2014-04-23 14:34:06 -07:00
..
actions	Document which Bro script vars are set by BroControl	2013-10-22 16:40:29 -05:00
extend-email	Updates for the notices framework.	2013-02-11 14:36:14 -05:00
__load__.bro	Updates for the notices framework.	2013-02-11 14:36:14 -05:00
cluster.bro	change Notice::suppressing to be a table of times	2013-12-31 10:09:44 -05:00
main.bro	Improve performance of MHR script, addresses BIT-1139.	2014-03-11 13:18:14 -05:00
non-cluster.bro	Fix typos and formatting in the notice framework docs	2013-10-22 09:16:29 -05:00
README	Add more script package README files	2013-10-22 14:44:59 -05:00
weird.bro	Support parsing of several TLS extensions.	2014-04-23 14:34:06 -07:00

README

The notice framework enables Bro to "notice" things which are odd or
potentially bad, leaving it to the local configuration to define which
of them are actionable.  This decoupling of detection and reporting allows
Bro to be customized to the different needs that sites have.