zeek/scripts/base/frameworks/analyzer at eea194ddd826cd002b96f33416ad9e65c678f321 - Mirror/zeek

mirror of https://github.com/zeek/zeek.git synced 2025-10-02 06:38:20 +00:00

History

Johanna Amann 58613f0313 Introduce new c$failed_analyzers field This field is used internally to trace which analyzers already had a violation. This is mostly used to prevent duplicate logging. In the past, c$service_violation was used for a similar purpose - however it has slightly different semantics. Where c$failed_analyzers tracks analyzers that were removed due to a violation, c$service_violation tracks violations - and doesn't care if an analyzer was actually removed due to it.		2025-06-04 12:07:13 +01:00
..
__load__.zeek	dpd->analyzer.log change - rename files	2025-06-03 16:32:52 +01:00
dpd.zeek	Introduce new c$failed_analyzers field	2025-06-04 12:07:13 +01:00
logging.zeek	Introduce new c$failed_analyzers field	2025-06-04 12:07:13 +01:00
main.zeek	Analyzer failure logging: tweaks and test fixes	2025-06-03 15:56:42 +01:00
README	More bro-to-zeek renaming in scripts and other files	2019-05-16 02:36:41 -05:00

README

The analyzer framework allows to dynamically enable or disable Zeek's
protocol analyzers, as well as to manage the well-known ports which
automatically activate a particular analyzer for new connections.