
- The bit-length is adjustable via redef'ing bits_per_uid. - Prefix 'C' is used for connection UIDs (including IP tunnels) and 'F' for files.
#separator \x09
#set_separator ,
#empty_field (empty)
#unset_field -
#path ftp
#open 2013-08-26-18-40-14
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p user password command arg mime_type file_size reply_code reply_msg data_channel.passive data_channel.orig_h data_channel.resp_h data_channel.resp_p fuid
#types time string addr port addr port string string string string string count count string bool addr addr port string
1329843175.680248 CXWv6p3arKYeMETxOg 141.142.220.235 50003 199.233.217.249 21 anonymous test PASV - - - 227 Entering Passive Mode (199,233,217,249,221,90) T 141.142.220.235 199.233.217.249 56666 -
1329843179.815947 CXWv6p3arKYeMETxOg 141.142.220.235 50003 199.233.217.249 21 anonymous test PASV - - - 227 Entering Passive Mode (199,233,217,249,221,91) T 141.142.220.235 199.233.217.249 56667 -
1329843179.926563 CXWv6p3arKYeMETxOg 141.142.220.235 50003 199.233.217.249 21 anonymous test RETR ftp://199.233.217.249/./robots.txt text/plain 77 226 Transfer complete. - - - - FmGk6O3KEoCPd4zuQd
1329843194.040188 CXWv6p3arKYeMETxOg 141.142.220.235 50003 199.233.217.249 21 anonymous test PORT 141,142,220,235,131,46 - - 200 PORT command successful. F 199.233.217.249 141.142.220.235 33582 FmGk6O3KEoCPd4zuQd
1329843197.672179 CXWv6p3arKYeMETxOg 141.142.220.235 50003 199.233.217.249 21 anonymous test PORT 141,142,220,235,147,203 - - 200 PORT command successful. F 199.233.217.249 141.142.220.235 37835 FmGk6O3KEoCPd4zuQd
1329843197.727769 CXWv6p3arKYeMETxOg 141.142.220.235 50003 199.233.217.249 21 anonymous test RETR ftp://199.233.217.249/./robots.txt text/plain 77 226 Transfer complete. - - - - Fuh3fj1cWjSe4spPPl
#close 2013-08-26-18-40-14