mirror of
https://github.com/zeek/zeek.git
synced 2025-10-02 06:38:20 +00:00
11 lines
339 B
Text
11 lines
339 B
Text
##! This script filters the ip_proto field out of the conn.log and disables
|
|
##! logging of connections with unknown IP protocols.
|
|
|
|
@load base/protocols/conn
|
|
@load base/frameworks/analyzer/main
|
|
|
|
redef record Conn::Info$ip_proto -= { &log };
|
|
|
|
event zeek_init() {
|
|
Analyzer::disable_analyzer(PacketAnalyzer::ANALYZER_UNKNOWN_IP_TRANSPORT);
|
|
}
|