diff --git a/configure.in b/configure.in | |
index c820a9a..d754ed9 100644 | |
--- a/configure.in | |
+++ b/configure.in | |
@@ -928,6 +928,43 @@ if test "x$enable_aruba" = "xyes"; then | |
CPPFLAGS="$CPPFLAGS -DARUBA" | |
fi | |
+AC_ARG_ENABLE(bro, | |
+[ --enable-bro Enable Bro output plugin], |
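Review bot: The help text in the added AC_ARG_ENABLE(bro, ...) call is a hand-spaced literal, "[ --enable-bro Enable Bro output plugin]". Unless the rest of configure.in deliberately uses the literal form, wrap it in AS_HELP_STRING([--enable-bro], [Enable Bro output plugin]) so Autoconf handles column alignment and wrapping in the ./configure --help output. The hunk header announces 43 resulting lines but only these two additions are visible, so the action-if-given branch and any library or header checks for the plugin cannot be reviewed from this excerpt.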
ts orig_h orig_p resp_h resp_p facility severity msg
1260226618.22805 192.168.1.2 44457 192.168.1.101 514 DAEMON NOTICE Dec 7 14:58:31 SEL-3620B Login: Login successful by: admin at 192.168.1.101^J
redef Cluster::nodes = {
	["manager-1"] = [$node_type=Cluster::MANAGER, $ip=127.0.0.1, $p=47757/tcp, $workers=set("worker-1")],
	["proxy-1"] = [$node_type=Cluster::PROXY, $ip=127.0.0.1, $p=47758/tcp, $manager="manager-1", $workers=set("worker-1")],
	["worker-1"] = [$node_type=Cluster::WORKER, $ip=127.0.0.1, $p=47759/tcp, $proxy="proxy-1", $manager="manager-1", $interface="eth1"],
	["control"] = [$node_type=Cluster::CONTROL, $ip=127.0.0.1, $p=47761/tcp],
	["time-machine"] = [$node_type=Cluster::TIME_MACHINE, $ip=127.0.0.1, $p=47762/tcp],
};
event bro_init()
	{
	print "hello world!";
	}
module ActiveHTTP;
export {
	## The default timeout for HTTP requests.
	const default_request_timeout = 1min &redef;
	## The default HTTP method/verb to use for requests.
	const default_method = "GET" &redef;
	type Request: record {
module MSCerts;
%byteorder=BinPAC::ByteOrder::Little;
type SerializedPropertyEntry = unit {
	id : uint32;
	encodingType : uint32;
	len : uint32;
	value : bytes &length=self.len;
V: tlsdate version 0.0.6
V: We were called with the following arguments:
V: validate SSL certificates host = www.ptb.de:443
V: time is currently 1360847906.161771000
V: time is greater than RECENT_COMPILE_DATE
V: using TLSv1_client_method()
V: Using OpenSSL for SSL
V: opening socket to www.ptb.de:443
V: certificate verification passed
V: commonName matched: www.ptb.de
local a = Metrics::create_measurement("apps.bytes", [$measure=set(Metrics::SUM)]);
local b = Metrics::create_measurement("apps.hits", [$measure=set(Metrics::UNIQUE)]);
Metrics::create_metric([$every=break_interval, $measurements=set(a, b),
	$period_finished(ts: time, metric_name: string, filter_name: string, data: Metrics::MetricTable) =
		{
		print "woo";
		}]);
module DNS;
export {
	redef enum Notice::Type += {
		## We saw a lot of unique DNS requests!
		DNS::Too_Much_Unique_DNS,
	};
}
event file_windows_pe_dosstub(f: fa_file, checksum: count)
	{
	print fmt("pe header offset: %d", checksum);
	}
event file_windows_pe_timestamp(f: fa_file, ts: time)
	{
	print fmt("timestamp! %D", ts);
	print f$mime_type;
	}