mirror of
https://github.com/zeek/zeek.git
synced 2025-10-02 06:38:20 +00:00
fa48c88533
This instantiates the SSL analyzer when the client requests SSL so that Zeek now has a bit more visibility into encrypted MySQL connections. The pattern used is the same as in the IMAP, POP or XMPP analyzer.
16 lines
551 B
Text
16 lines
551 B
Text
# This tests how Zeek deals with encrypted connections. Right now, it
|
|
# doesn't log them as it can't parse much of value. We're testing for an
|
|
# empty mysql.log file.
|
|
|
|
# @TEST-EXEC: touch mysql.log
|
|
# @TEST-EXEC: zeek -b -r $TRACES/mysql/encrypted.trace %INPUT
|
|
# @TEST-EXEC: btest-diff mysql.log
|
|
#
|
|
# Ensure the connection was handed off by peaking into some other logs.
|
|
# @TEST-EXEC: btest-diff conn.log
|
|
# @TEST-EXEC: btest-diff ssl.log
|
|
# @TEST-EXEC: btest-diff x509.log
|
|
|
|
@load base/protocols/conn
|
|
@load base/protocols/mysql
|
|
@load base/protocols/ssl
|