bro-script: pasad-simple: Add origin and response IP addresses to log

author: Robin Krahl <me@robin-krahl.de> 2017-09-26 10:13:48 +0200
committer: Robin Krahl <me@robin-krahl.de> 2017-09-26 10:13:48 +0200
commit: 6e84c15ee425c7bcd506946fcd37cad096199435 (patch)
tree: 9a0ed5e3e0ef2125de1ab5e4d54ddd99a9ae42fe /bro-script/pasad-simple.bro
parent: 46f518825c4e934b950c1ce0c9936fd106798408 (diff)
download: midbro-6e84c15ee425c7bcd506946fcd37cad096199435.tar.gz
midbro-6e84c15ee425c7bcd506946fcd37cad096199435.tar.bz2
1 files changed, 11 insertions, 1 deletions
diff --git a/bro-script/pasad-simple.bro b/bro-script/pasad-simple.bro
index 759d607..db3b4be 100644
--- a/bro-script/pasad-simple.bro
+++ b/bro-script/pasad-simple.bro
@@ -16,6 +16,8 @@ export {
 		rtype: 		string	&log;
 		tid_request:	count	&log;
 		tid_response:	count	&log &optional;
+		ip_orig:	addr	&log;
+		ip_resp:	addr	&log;
 		start_address:	count	&log;
 		quantity:	count	&log;
 		registers:	ModbusRegisters &log &optional;
@@ -33,7 +35,15 @@ event bro_init() &priority=5
 
 event modbus_read_holding_registers_request(c: connection, headers: ModbusHeaders, start_address: count, quantity: count)
 	{
-	local rec: Info = [$ts_request=network_time(), $rtype="holding", $tid_request=headers$tid, $start_address=start_address, $quantity=quantity];
+	local rec: Info = [
+		$ts_request=network_time(),
+		$rtype="holding",
+		$tid_request=headers$tid,
+		$start_address=start_address,
+		$quantity=quantity,
+		$ip_orig=c$id$orig_h,
+		$ip_resp=c$id$resp_h
+	];
 	c$pasad = rec;
 	}
author	Robin Krahl <me@robin-krahl.de>	2017-09-26 10:13:48 +0200
committer	Robin Krahl <me@robin-krahl.de>	2017-09-26 10:13:48 +0200
commit	6e84c15ee425c7bcd506946fcd37cad096199435 (patch)
tree	9a0ed5e3e0ef2125de1ab5e4d54ddd99a9ae42fe /bro-script/pasad-simple.bro
parent	46f518825c4e934b950c1ce0c9936fd106798408 (diff)
download	midbro-6e84c15ee425c7bcd506946fcd37cad096199435.tar.gz midbro-6e84c15ee425c7bcd506946fcd37cad096199435.tar.bz2