author | Andreas Lindhé <andreas@lindhe.io> | 2017-10-31 08:33:46 +0100 |
---|---|---|
committer | Andreas Lindhé <andreas@lindhe.io> | 2017-10-31 08:41:40 +0100 |
commit | bc5ecd6da7f068a12b9ee5397178723481c7a3ea (patch) | |
tree | 6ac5bb33df7c3aacde8eb254c4aee1ce1df9dd29 /script/README | |
parent | 2d5d5be5702867a7a719312a5a148489c3b68f31 (diff) | |
download | midbro-bc5ecd6da7f068a12b9ee5397178723481c7a3ea.tar.gz midbro-bc5ecd6da7f068a12b9ee5397178723481c7a3ea.tar.bz2 |
Move all files one level down
Diffstat (limited to 'script/README')
-rw-r--r-- | script/README | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/script/README b/script/README new file mode 100644 index 0000000..15f121e --- /dev/null +++ b/script/README @@ -0,0 +1,9 @@ +This directory contains a baseline implementation of the package parser +implemented as a Bro script. A .bro file contains a script that can be +executed on a Modbus pcap dump. A .log file contains an example for an +output file generated by this script. By convention, the sample log file +should contain the first 100 lines of a real log file obtained from running +the script on packets_00014_20161128135616.cap. + +Currently, the scripts only handle the read_holding_registers event. Other +events can handled by simply copying and adapting the existing handlers. |
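Review bot: The last added line, "Other events can handled by simply copying and adapting the existing handlers", is missing "be", and "package parser" in the first added line presumably should read "packet parser", since the script runs on a Modbus pcap dump. The README also names packets_00014_20161128135616.cap as the input for the sample log without saying where that capture lives or whether it is part of the repository; state its location so the sample .log file can be regenerated and checked against the script. Because the convention is to commit the first 100 lines of a real log, it would help to add a sentence on whether those lines need to be reviewed or sanitized before they are checked in.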