[Bro-Dev] [JIRA] (BIT-1142) SNMP Analysis
[ https://bro-tracker.atlassian.net/browse/BIT-1142?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=16013#comment-16013 ]

Seth Hall commented on BIT-1142:

I'm almost done with it and going to try and get it committed today (I know I've said this before...).

SNMP Analysis

Key: BIT-1142
URL: https://bro-tracker.atlassian.net/browse/BIT-1142
Project: Bro Issue Tracker
Issue Type: New Feature
Components: BinPAC, Bro
Affects Versions: git/master
Reporter: Jon Siwek
Assignee: Seth Hall
Fix For: 2.3

/topic/jsiwek/snmp in bro, binpac, and bro-testing-private adds support for parsing SNMP datagrams. It's only absent a snmp.log.

Seth, do you mind taking a look at what might make sense for a default snmp.log? I'm guessing it might look similar in concept to dns.log. A difference is I'm not sure how meaningful raw OID to value mappings will be.

The code is in a merge-able state as it is in the branch/repos I mentioned, and IMO, has value even without a default snmp.log. So if you just want to flip to a merge request and postpone thinking up an snmp.log for later, I think that's fine, too.

--
This message was sent by Atlassian JIRA (v6.3-OD-01-067#6307)
___
bro-dev mailing list
bro-dev@bro.org
http://mailman.icsi.berkeley.edu/mailman/listinfo/bro-dev
[Bro-Dev] [JIRA] (BIT-1172) Add uid field to the signatures log stream
[ https://bro-tracker.atlassian.net/browse/BIT-1172?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Seth Hall updated BIT-1172:

Resolution: Merged (was: Fixed)
Status: Closed (was: Merge Request)

Add uid field to the signatures log stream

Key: BIT-1172
URL: https://bro-tracker.atlassian.net/browse/BIT-1172
Project: Bro Issue Tracker
Issue Type: Patch
Components: Bro
Affects Versions: git/master
Environment: Tested on Debian wheezy and Security Onion
Reporter: Anthony Verez
Assignee: Seth Hall
Attachments: 0001-add-uid-field-to-the-signatures-log-stream.patch

This patch adds a uid field (conn) to the signatures log stream. I wanted to have that to analyze connections that triggered a signature match.

Thanks,
Anthony Verez
[Bro-Dev] [JIRA] (BIT-1175) topic/jsiwek/bif-loader-scripts
[ https://bro-tracker.atlassian.net/browse/BIT-1175?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Robin Sommer updated BIT-1175:

Resolution: Merged (was: Fixed)
Status: Closed (was: Merge Request)

topic/jsiwek/bif-loader-scripts

Key: BIT-1175
URL: https://bro-tracker.atlassian.net/browse/BIT-1175
Project: Bro Issue Tracker
Issue Type: Problem
Components: Bro
Affects Versions: git/master
Reporter: Jon Siwek
Fix For: 2.3

This branch is in the cmake and bro repos. And fixes a problem with __load__.bro file generation for .bif.bro stubs that have had their .bif file removed since a previous build of Bro occurred.

Bernhard, can you please double-check this fixes the issue you mentioned in BIT-1047?