mirror of
https://github.com/zeek/zeek.git
synced 2025-10-05 16:18:19 +00:00
110d9fbd6a
work fine now. Todo: * update all baselines * fix the circular reference to the fa_file structure I introduced :) Sadly this does not seem to be entirely straightforward. addresses BIT-953, BIT-760
28 lines
554 B
Text
28 lines
554 B
Text
@load base/frameworks/intel
|
|
|
|
export {
|
|
redef enum Intel::Where += {
|
|
Conn::IN_ORIG,
|
|
Conn::IN_RESP,
|
|
Files::IN_HASH,
|
|
Files::IN_NAME,
|
|
DNS::IN_REQUEST,
|
|
DNS::IN_RESPONSE,
|
|
HTTP::IN_HOST_HEADER,
|
|
HTTP::IN_REFERRER_HEADER,
|
|
HTTP::IN_USER_AGENT_HEADER,
|
|
HTTP::IN_X_FORWARDED_FOR_HEADER,
|
|
HTTP::IN_URL,
|
|
SMTP::IN_MAIL_FROM,
|
|
SMTP::IN_RCPT_TO,
|
|
SMTP::IN_FROM,
|
|
SMTP::IN_TO,
|
|
SMTP::IN_RECEIVED_HEADER,
|
|
SMTP::IN_REPLY_TO,
|
|
SMTP::IN_X_ORIGINATING_IP_HEADER,
|
|
SMTP::IN_MESSAGE,
|
|
SSL::IN_SERVER_NAME,
|
|
SMTP::IN_HEADER,
|
|
X509::IN_CERT,
|
|
};
|
|
}
|