Commit message (Collapse) | Author | Age | |
---|---|---|---|
* | Add first test of broccoli | Robert Gustafsson | 2017-10-09 |
| | |||
* | bro-script: pasad-parsed: Implement transaction handling | Robin Krahl | 2017-10-03 |
| | |||
* | bro-script: pasad-simple: Add origin and response IP addresses to log | Robin Krahl | 2017-09-26 |
| | |||
* | bro-script: Explain log file source in README | Robin Krahl | 2017-09-25 |
| | |||
* | bro-script: Add more advanced implementation | Robin Krahl | 2017-09-25 |
| | | | | | | | Add a more advanced Bro script implementation that outputs the address and the register value, one line per address. This approach also suffers from the connection assumption described for pasad-simple and contains no sanity checks at all. | ||
* | bro-script: pasad-simple: Change log name to pasad-simple | Robin Krahl | 2017-09-25 |
| | |||
* | bro-script: pasad-simple: Fix typo | Robin Krahl | 2017-09-25 |
| | | | | Write ‘address’ instead of ‘adress’. | ||
* | bro-script: Add simple baseline implementation | Robin Krahl | 2017-09-25 |
| | | | | | | | | | | | | | | This implementation only logs the (combined) request and response events that occur within the same connection. This assumes that a response is always send over the same connection as a request. It is unclear whether this assumption really holds. This implementation does not yet contain error handling, so if there was no response for a request, Bro displays an error message. It also does not contain an interpretation of the values, so if multiple values are read within one request, they are displayed in the same log entry. | ||
* | Add directory for bro-script | Robin Krahl | 2017-09-25 |
Add a (nearly) empty directory for the baseline implementation of the payload extraction as a Bro script executed directly within Bro. |